Lucene search
K

49 matches found

OSV
OSV
added 2024/04/16 8:15 p.m.3 views

DEBIAN-CVE-2022-24810

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

8.8CVSS6.9AI score0.01146EPSS
Exploits0References1
OSV
OSV
added 2024/04/16 8:15 p.m.2 views

DEBIAN-CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

5.3CVSS6.8AI score0.01052EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/04/16 7:44 p.m.36 views

CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

6.5CVSS7.3AI score0.01052EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.24 views

EulerOS Virtualization 3.0.6.6 : openssl098e (EulerOS-SA-2023-3409)

According to the versions of the openssl098e package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509...

7.5CVSS6.7AI score0.75116EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.4 views

SUSE CVE-2018-9270

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak...

5.3CVSS7AI score0.02406EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

5.9CVSS6.9AI score0.01052EPSS
Exploits0References7
OSV
OSV
added 2022/08/09 4:57 p.m.14 views

CLSA-2022-1660064249 Fix CVE(s): CVE-2022-21434, CVE-2022-21426, CVE-2022-21443, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21476, CVE-2022-21496

Backport upstream releases 8u342 and 8u332 to 16.04 LTS Security fixes in 8u342: - JDK-8272243: Improve DER parsing - JDK-8272249: Better properties of loaded Properties - JDK-8277608: Address IP Addressing - JDK-8281859, CVE-2022-21540: Improve class compilation - JDK-8281866, CVE-2022-21541:...

7.5CVSS6.9AI score0.17673EPSS
Exploits2References1
Veracode
Veracode
added 2022/07/25 10:21 a.m.3 views

Improper Input Validation

net-snmp is vulnerable to improper input validation. The vulnerability exists when SETing malformed OIDs in master agent and subagent simultaneously because the inputs are not properly validated which allows an attacker to bypass validations...

6.5CVSS6.5AI score0.01052EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2022/07/08 11:42 a.m.3 views

UBUNTU-CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

6.5CVSS6.8AI score0.01052EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2022/07/01 5:56 p.m.36 views

CVE-2022-24806

A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed OIDs in the master agent and subagent...

5.9CVSS3.2AI score0.01052EPSS
Exploits0References3
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/07/02 10:40 a.m.195 views

SNMP – Simply Not My Problem. Or is it?

TL;DR: Use SNMPv3; long gone is default community strings, hello complex passwords! Remove from the internet, if required, implement a VPN solution to restrict access to only authorised parties. SNMP is a protocol used for the remote management of devices on a network. By remote, we mean access...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.36 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : strongSwan vulnerabilities (USN-3771-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3771-1 advisory. It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to...

7.5CVSS7.1AI score0.07124EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2018/09/25 12:34 p.m.62 views

USN-3771-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2018-10811 Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A...

7.5CVSS7AI score0.07124EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/20 12:0 a.m.37 views

SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0980-1)

This update for wireshark fixes the following issues : - Update to wireshark 2.2.14, fix such issues : - bsc1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 - CVE-2018-9256: LWAPP dissector crash - CVE-2018-9260: IEEE 802.15.4 dissector crash - CVE-2018-9261: NBAP dissect...

7.5CVSS6.6AI score0.02938EPSS
Exploits17References36
OSV
OSV
added 2018/04/04 7:29 a.m.2 views

DEBIAN-CVE-2018-9270

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak...

7.5CVSS7AI score0.02406EPSS
Exploits1References1
OSV
OSV
added 2018/04/04 7:29 a.m.3 views

UBUNTU-CVE-2018-9270

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak...

7.5CVSS6.8AI score0.02406EPSS
Exploits1References5
Cvelist
Cvelist
added 2017/12/20 10:0 p.m.22 views

CVE-2017-5257

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or guesses the SNMP read/write RW community string can insert XSS strings in certain SNMP OIDs which will execute in the context of the currently-logged on user...

5.4AI score0.00521EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2017/09/19 11:38 a.m.72 views

Fixing HPKP with Certificate Constraints

This is the third post in my series on HPKP. In my first post I declared HPKP dead, and in my second post I explored the possibility of fixing it by introducing pin revocation. Today I will consider an entirely different approach to make HPKP much safer, by changing how it’s activated. In my...

6.8AI score
Exploits0
NVD
NVD
added 2017/07/17 9:29 p.m.21 views

CVE-2017-6737

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a...

9CVSS9.4AI score0.42632EPSS
Exploits0References5
NVD
NVD
added 2017/07/17 9:29 p.m.23 views

CVE-2017-6740

The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these...

9CVSS9.1AI score0.10788EPSS
Exploits0References5
Rows per page
Query Builder