Lucene search
K

89 matches found

CNVD
CNVD
added 2021/11/22 12:0 a.m.25 views

Wireshark Input Validation Error Vulnerability (CNVD-2022-11205)

Wireshark formerly known as Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from an input validation error vulnerability that can be exploited by...

7.5CVSS7.3AI score0.05178EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/21 12:0 a.m.30 views

Wireshark Input Validation Error Vulnerability (CNVD-2021-91421)

Wireshark is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.Wireshark suffers from an input validation error vulnerability that stems from insufficient validation in the Modbu...

7.5CVSS5.4AI score0.03239EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/19 12:0 a.m.25 views

Wireshark null pointer dereference vulnerability (CNVD-2021-94899)

Wireshark is a network packet analysis software. Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card.A null pointer dereference vulnerability exists in the IPPUSB parser in Wireshark versions 3.4.0 - 3.4.9. An attacker could exploit this vulnerability to...

7.5CVSS4.3AI score0.03158EPSS
Exploits1References1
CNVD
CNVD
added 2021/10/08 12:0 a.m.16 views

Netscaut nGeniusONE UploadFile Function Cross-Site Scripting Vulnerability

Netscout NgeniusOne is a centralized application and network performance management solution from Netscout, Inc. A cross-site scripting vulnerability exists in Netscaut nGeniusONE in version 6.3.0 build 1196 and earlier, which stems from a lack of user input validation and filtering of input data...

5.4CVSS5.1AI score0.00451EPSS
Exploits0References1
NVD
NVD
added 2021/10/06 6:15 p.m.23 views

CVE-2021-25486

Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log...

3.3CVSS0.00095EPSS
Exploits0References1
CVE
CVE
added 2021/10/06 5:10 p.m.47 views

CVE-2021-25486

CVE-2021-25486 concerns an information-disclosure vulnerability in the Samsung ipcdump module, present before SMR Oct-2021 Release 1. The issue allows an attacker to detect device information by analyzing log-packet data. Documents describe vulnerable component (ipcdump) and impact as information...

3.3CVSS4AI score0.00095EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/09/30 6:15 p.m.19 views

CVE-2021-35198

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting XSS in the Packet Analysis module...

5.4CVSS0.00451EPSS
Exploits0References1
OSV
OSV
added 2021/09/30 6:15 p.m.3 views

CVE-2021-35198

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting XSS in the Packet Analysis module...

5.4CVSS6.1AI score0.00451EPSS
Exploits0References1
Prion
Prion
added 2021/09/30 6:15 p.m.18 views

Cross site scripting

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting XSS in the Packet Analysis module...

3.5CVSS5.2AI score0.00451EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/30 5:52 p.m.25 views

CVE-2021-35198

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting XSS in the Packet Analysis module...

5.5AI score0.00451EPSS
Exploits0References1
CVE
CVE
added 2021/09/30 5:52 p.m.48 views

CVE-2021-35198

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Packet Analysis module. The root cause is improper input validation/filtering, enabling an attacker to inject JavaScript and perform stored XSS. Public references (NVD, CVE lis...

5.4CVSS5.2AI score0.00451EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/09/30 12:0 a.m.6 views

Netscout NgeniusOne 跨站脚本漏洞

Netscout NgeniusOne is a centralized application and network performance management solution from Netscout, Inc. A cross-site scripting vulnerability exists in Netscaut nGeniusONE in version 6.3.0 build 1196 and earlier, which stems from a lack of user input validation and filtering of input data...

5.4CVSS5.3AI score0.00451EPSS
Exploits0References2
CNVD
CNVD
added 2021/06/08 12:0 a.m.58 views

Wireshark infinite loop vulnerability (CNVD-2022-11207)

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. An infinite loop vulnerability...

7.5CVSS7.4AI score0.01789EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2021/05/07 1:20 p.m.53 views

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who...

9.8CVSS2.4AI score0.14195EPSS
Exploits6
ossfuzz
ossfuzz
added 2020/05/30 2:41 p.m.22 views

pcapplusplus:FuzzTarget: Use-of-uninitialized-value in pcpp::NullLoopbackLayer::parseNextLayer

Project: https://github.com/seladb/PcapPlusPlus.git Detailed Report: https://oss-fuzz.com/testcase?key=5696447256461312 Project: pcapplusplus Fuzzing Engine: libFuzzer Fuzz Target: FuzzTarget Job Type: libfuzzermsanpcapplusplus Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...

6.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/09 12:0 a.m.5 views

The vulnerability of Huawei USG6330’s network packet analysis tool allows a intruder to trigger a service failure.

The vulnerability of Huawei USG6330 network packet analysis tool is related to insufficient verification of input data during authentication. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using a specially crafted packet...

4.1CVSS5.5AI score
Exploits0
CNVD
CNVD
added 2019/12/05 12:0 a.m.4 views

Wireshark injection vulnerability

Wireshark formerly known as Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from an injection vulnerability. An attacker can exploit this...

7.5CVSS7.7AI score0.04128EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/20 12:0 a.m.4 views

tcpdump buffer overflow vulnerability (CNVD-2019-41908)

tcpdump is a set of sniffing tools from Tcpdump team running under command line. The tool is mainly used for packet analysis and network traffic capture etc. tcpdump suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to cause a buffer overflow or heap overflo...

7CVSS6.3AI score0.04667EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/22 12:0 a.m.14 views

Wireshark Denial of Service Vulnerability (CNVD-2021-11324)

Wireshark formerly known as Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in Wireshark versions 3.0.0 through 3.0.2, 2.6.0 throug...

7.5CVSS6.6AI score0.06079EPSS
Exploits1References1
Kitploit
Kitploit
added 2019/05/06 12:49 p.m.105 views

Termshark - A Terminal UI For Tshark, Inspired By Wireshark

A terminal user-interface for tshark, inspired by Wireshark. If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help! Features Read pcap files or sniff live interfaces where tshark is permitted. Inspect each packet using familiar...

7.3AI score
Exploits0References6
Rows per page
Query Builder