Lucene search
+L

187 matches found

OSV
OSV
added 2024/07/12 1:15 p.m.6 views

UBUNTU-CVE-2024-40992

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

5.5CVSS5.7AI score0.00268EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2024/06/21 7:21 p.m.31 views

CVE-2024-38381

A vulnerability was found in the NCI component in the Linux kernel's NFC subsystem. This issue involves an uninitialized value in the ncirxwork function, which could lead to unintended behavior or potential security risks. Mitigation Mitigation for this issue is either not available or the...

7.1CVSS7.8AI score0.00258EPSS
Exploits0References4
OSV
OSV
added 2024/06/21 11:15 a.m.14 views

AZL-48945 CVE-2024-38381 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncirxwork syzbot reported the following uninit-value access issue 1 ncirxwork parses received packet from ndev-rxq. It should be validated header size, payload size and total packet size before...

7.1CVSS6.6AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2024/06/21 11:15 a.m.2 views

UBUNTU-CVE-2024-38381

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncirxwork syzbot reported the following uninit-value access issue 1 ncirxwork parses received packet from ndev-rxq. It should be validated header size, payload size and total packet size before...

7.1CVSS6.5AI score0.00258EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2024/06/20 4:25 p.m.7 views

ovn: insufficient validation of BFD packets may lead to denial of service

A flaw was found in the Open Virtual Network OVN. In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service...

6.5CVSS5.8AI score0.00783EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.37 views

Apache Tomcat 8.5.0 < 8.5.64 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.5.64. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.5.64security-8 advisory. - Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate...

7.5CVSS7.2AI score0.14286EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2024/03/19 3:40 p.m.8 views

ovn: insufficient validation of BFD packets may lead to denial of service

A flaw was found in the Open Virtual Network OVN. In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service...

6.5CVSS5.8AI score0.00783EPSS
Exploits0References6
OSV
OSV
added 2024/02/14 8:17 a.m.19 views

USN-6635-1 linux-gcp-6.2 vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lucas...

8.8CVSS6.8AI score0.09141EPSS
Exploits6References14
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.30 views

Cisco Adaptive Security Appliance Software VPN Packet Validation (cisco-sa-asa-ssl-vpn-Y88QOm77)

According to its self-reported version, Cisco ASA Software is affected by a VPN packet validation vulnerability that could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner sour...

4.3CVSS5.4AI score0.00412EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.22 views

Cisco Firepower Threat Defense Software VPN Packet Validation (cisco-sa-asa-ssl-vpn-Y88QOm77)

According to its self-reported version, Cisco FTD Software is affected by a VPN packet validation vulnerability that could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner sour...

4.3CVSS5.4AI score0.00412EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/06 12:0 a.m.4 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Security Vulnerabilities

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco Corporation.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. It is used to...

4.3CVSS5AI score0.00412EPSS
Exploits0References4
Cisco
Cisco
added 2023/12/05 4:0 p.m.85 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Packet Validation Vulnerability

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper...

4.1CVSS4.6AI score0.00412EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.9 views

PT-2023-20530 · Asyncua · Asyncua

Name of the Vulnerable Software and Affected Versions: asyncua versions prior to 0.9.96 Description: The issue allows an attacker to send a malformed packet, causing the server to enter an infinite loop and consume excessive memory, resulting in a Denial of Service DoS. Recommendations: For...

7.5CVSS7.3AI score0.01031EPSS
Exploits1References17
NVD
NVD
added 2023/08/25 9:15 p.m.16 views

CVE-2023-2906

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack...

6.5CVSS6.7AI score0.02771EPSS
Exploits1References6
OSV
OSV
added 2023/08/25 8:41 p.m.18 views

CVE-2023-2906 Wireshark CP2179 divide by zero

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack...

6.5CVSS6.8AI score0.02771EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2023/06/07 3:15 a.m.34 views

CVE-2023-0666

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark...

6.5CVSS7.3AI score0.02256EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/02 12:0 a.m.9 views

CVE-2023-28703 ASUS RT-AC86U - Buffer Overflow

ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt system or terminate...

7.2CVSS7.5AI score0.00886EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 7:34 p.m.38 views

K30502720: Apache Tomcat vulnerability CVE-2021-41079

Security Advisory Description Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop...

7.5CVSS7.5AI score0.07182EPSS
Exploits0
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.4 views

Siemens LOGO! 8 BM 安全漏洞

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. Siemens LOGO! 8 BM suffers from a buffer overflow vulnerability that stems from an inability to properly validate the structure of a TCP packet through a variety of methods. An...

9.8CVSS7.3AI score0.00901EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/17 12:0 a.m.10 views

PT-2022-15958 · Softing · Softing Secure Integration Server

Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server version V1.22 Description: The issue is related to a denial-of-service condition that can be triggered by a crafted HTTP packet with a missing HTTP URI. This can cause a NULL pointer dereference, leading to a...

7.5CVSS7.2AI score0.01297EPSS
Exploits0References4
Rows per page
Query Builder