CVE-2020-16092

An assertion failure flaw was found in QEMU in the network packet processing component. This issue affects the "e1000e" and "vmxnet3" network devices. This flaw allows a malicious guest user or process to abort the QEMU process on the host, resulting in a denial of service...

OSV-2020-177 UNKNOWN in get_ndpi_flow_info6

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20747 Crash type: UNKNOWN Crash state: getndpiflowinfo6 packetprocessing ndpiworkflowprocesspacket...

The vulnerability in the implementation of the Common Industrial Protocol (CIP) for Cisco IOS and Cisco IOS XE operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the implementation of the Common Industrial Protocol CIP in Cisco IOS and Cisco IOS XE operating systems is related to insufficient validation of input data during the processing of CIP packets. Exploiting this vulnerability can allow a malicious actor to cause service...

Cisco Firepower Threat Defense (FTD) DNS Denial of Service (cisco-sa-asaftd-ipv6-67pA658k)

According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a denial of service DoS vulnerability in IPV6 DNS packet processing component due to insufficient validation of user-supplied input. An unauthenticated, remote attacker can exploit this issue, by...

UBUNTU-CVE-2020-11089

In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions parallelprocessirpcreate, serialprocessirpcreate, driveprocessirpwrite, printerprocessirpwrite, rdpeirecvpdu, serialprocessirpwrite. This has been fixed in 2.1.0...

The vulnerability of Cisco Aironet Access Points of models 1540 and 1800, related to improper processing of client packets sent to the vulnerable access point, allows a perpetrator to cause service failure.

The vulnerability of Cisco Aironet Access Points models 1540 and 1800 relates to the improper processing of client packets sent to the vulnerable access points. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted packets...

[SECURITY] Fedora 32 Update: dpdk-19.11.1-2.fc32

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space...

RUSTSEC-2020-0019 tokio-rustls reads may cause excessive memory usage

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

Cisco Adaptive Security Appliance Denial of Service (cisco-sa-fp2100-arp-dos-kLdCK8ks)

A denial of service vulnerability exists in the ARP packet processing component of Cisco Adaptive Security Appliance ASA software due to insufficient validation of ARP data. An unauthenticated, adjacent attacker can exploit this to cause to cause the system to stop responding. Please see the...

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

CVE-2020-3260 Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability

A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point AP. An...

CVE-2020-1627 Junos OS: vMX and MX150: Denial of Service vulnerability in packet processing

A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices may allow an attacker to cause a Denial of Service DoS by sending specific packets requiring special processing in microcode that the flow cache can't handle, causing the riot forwarding daemon to crash. By continuously sending...

JVN#38732359: Multiple Yamaha network devices vulnerable to denial-of-service (DoS)

Multiple network devices provided by Yamaha Corporation contain a denial-of-service DoS vulnerability CWE-400 due to an issue in processing received packets. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the firmware Update to the latest version ...

The vulnerability of Huawei USG6330 network firewall allows a intruder to trigger a service failure.

The vulnerability of the Huawei USG6330 network firewall is related to errors in processing network packets. Exploiting this vulnerability can allow a remote attacker to exhaust the available memory and cause the device to reboot...

Buffer overflow

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...

CVE-2019-14095

CVE-2019-14095 describes a buffer overflow in Snapdragon devices during LMP packet processing when the Bluetooth name length exceeds the BT specification. Affected families include Snapdragon Auto, Compute, Connectivity, and related Snapdragon devices across numerous SoCs (APQ8009, SDM… etc.). Th...

Wireshark 3.0.x < 3.0.8 A Vulnerability (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.8. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.8 advisory. - In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in...

Wireshark 3.0.x < 3.0.8 A Vulnerability

The version of Wireshark installed on the remote Windows host is prior to 3.0.8. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.8 advisory. - In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c b...

Fedora Update for dpdk FEDORA-2019-019df9a459

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Weak Password Vulnerability in Tianrongxin NGFW® Next-Generation Firewall

NGFW®, the next-generation firewall of TIANRONGXIN, adopts its own patented operating system NGTOS and security engine, utilizes the advanced Intel® Xeon® processor family and integrates the packet processing framework provided by Intel® Data Plane Development Kit to provide network processing...