SUSE CVE-2016-6508

epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service large loop via a crafted packet...

SUSE CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from an informatio...

CVE-2022-25734 Loop with Unreachable Exit Condition in MODEM

Denial of service in modem due to missing null check while processing IP packets with padding...

PT-2023-12812 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a denial of service in the modem due to a missing null check while processing TCP or UDP packets from the server. Recommendations: At the moment, there is no informati...

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports: A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types. Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a lar...

The vulnerability of the ODBC Agent component of the ColdFusion software platform allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the ODBC Agent component of the ColdFusion software platform relates to the execution of operations beyond the buffer boundaries when processing GIOP packets. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

Important: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Important: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

RLSA-2023:0171 Important: dpdk security update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 For more details about the security...

Important: dpdk security update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 For more details about the security...

CVE-2021-44693

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device...

RLSA-2022:8263 Important: dpdk security and bug fix update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 DPDK: out-of-bounds read/write in...

ALSA-2022:8263 Important: dpdk security and bug fix update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 DPDK: out-of-bounds read/write in...

The vulnerability of Moxa EDR-G903, EDR-G902, and EDR-810 microprogrammed router software lies in the lack of memory release, which allows attackers to trigger a service failure.

The vulnerability of Moxa EDR-G903, EDR-G902, and EDR-810 microprogrammed router software lies in the lack of memory release when processing a large number of packets. Exploiting this vulnerability can allow a remote attacker to cause service failures...

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...

Information Disclosure

libpjsip.so is vulnerable to information disclosure. The vulnerability exists during packet processing in the function srtprtpcb in transportsrtp.c because PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart which allows an attacker to gain access to...

CVE-2022-20870

The CVE-2022-20870 entry concerns Cisco IOS XE Software on Cisco Catalyst 3650, 3850, and 9000-series switches, where the egress MPLS packet processing function validates IPv4 input incorrectly. This can allow an unauthenticated, remote attacker to cause an affected device to reload, triggering a...

Cisco IOS和Cisco IOS XE Software 输入验证错误漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XE Software is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE...

CVE-2022-23689

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches versions:...