23 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
Before version 5.17.9, the Linux kernel allowed TCP servers to identify clients by observing which source ports were used. This occurs due to the use of Algorithm 4 "Double-Hash Port Selection Algorithm" from RFC 6056...
CVE-2018-25262
Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences...
CVE-2018-25262 Angry IP Scanner for Linux 3.5.3 Denial of Service
Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences...
CVE-2018-25262
Angry IP Scanner for Linux 3.5.3 contains a denial-of-service vulnerability that crashes the application when a malformed input is supplied in the port selection field. The issue can be triggered by pasting a string containing buffer overflow patterns into the Preferences Ports tab. The CVE notes...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013305)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013305 advisory. The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 Double-Hash...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010727)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010727 advisory. The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 Double-Hash...
The vulnerability of the mlx5_lagdestroy_definers() function in the mlx5 driver (drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c) in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the mlx5lagdestroydefiners function in the mlx5 driver drivers/net/ethernet/mellanox/mlx5/core/lag/portsel.c in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the issue where a tainted pointer was deleted instead of the previously created rules when the flow rule creation failed. This issue occurred in mlx5lagcreateportseltable, where, instead of using the previously...
Exploit for Uncontrolled Resource Consumption in Ietf Http
CVE-2023-44487 - HTTP/2 Rapid Reset Exploit PoC --- Desc...
DEBIAN-CVE-2024-40940
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail In case of flow rule creation fail in mlx5lagcreateportseltable, instead of previously created rules, the tainted pointer is deleted deveral times. Fix this...
SUSE CVE-2022-32296
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 "Double-Hash Port Selection Algorithm" of RFC 6056...
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
...
CVE-2022-32296
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 "Double-Hash Port Selection Algorithm" of RFC 6056...
DEBIAN-CVE-2022-32296
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 "Double-Hash Port Selection Algorithm" of RFC 6056...
Maven Extension plugin for Gradle Enterprise vulnerable to Deserialization of Untrusted Data
An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. It is vulnerable to, in the worst case, Remote Code Execution, and in the general case, local privilege escalation. Internally, the plugin uses a socket connection to send serialized Java objects that are...
PT-2022-3221 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.9 Description: The issue is related to insufficient entropy in the Linux kernel, allowing a remote attacker to identify clients by determining the original source ports used by the TCP server. This is due t...
GHSA-GH7C-CG3X-PMCR pyftpdlib Use of Insufficiently Random Values of port selection on PASV command
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command...
pyftpdlib Use of Insufficiently Random Values of port selection on PASV command
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command...
Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)
Angry IP Scanner for Linux 3.5.3 - Denial of Service PoC Exploit Title: Angry IP Scanner for Linux 3.5.3 - Denial of Service PoC Discovery by: Mr Winst0n Discovery Date: 2018-12-22 Vendor Homepage: https://angryip.org/ Software Link : https://angryip.org/download/ Tested Version: 3.5.3 latest...
Real Networks GameHouse dldisplay ActiveX control 0 Port Buffer Overflow (1)
No description provided by source. source: http://www.securityfocus.com/bid/767/info At installation, the Real Server software randomly selects an unused port as the remote administration port. This port is used by Real Server's remote web administration feature. To access this feature, the corre...