1130 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-37749)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37749 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb dat...
ROS-20260120-7335
A vulnerability in the bpfprogram function of the driver drivers/net/ppp/pppgeneric.c of the Linux kernel is related to the use of an uninitialized pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
MiracleLinux 8 : ppp-2.4.7-26.el8 (AXSA:2020-167:03)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-167:03 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from th...
MiracleLinux 8 : tcpdump-4.9.3-2.el8 (AXSA:2021-2659:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2659:02 advisory. tcpdump: ppp decapsulator can be convinced to allocate a large amount of memory CVE-2020-8037 Tenable has extracted the preceding description block directly...
MiracleLinux 4 : ppp-2.4.5-11.AXS4 (AXSA:2020-4482:02)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4482:02 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from t...
MiracleLinux 7 : ppp-2.4.5-34.el7 (AXSA:2020-4481:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4481:01 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from t...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004132)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004132 advisory. In pppol2tpcreate of l2tpppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000768)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000768 advisory. Use-after-free vulnerability in drivers/net/ppp/pppgeneric.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service memory corruption and...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004003)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004003 advisory. A flaw was found in the HDLCPPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation i...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002942)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002942 advisory. Use-after-free vulnerability in drivers/net/ppp/pppgeneric.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service memory corruption and...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002455)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002455 advisory. The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002345)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002345 advisory. The slhcinit function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002585)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002585 advisory. Use-after-free vulnerability in drivers/net/ppp/pppgeneric.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service memory corruption and...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002077)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002077 advisory. The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between ...
MiracleLinux 9 : kernel-5.14.0-570.17.1.el9_6 (AXSA:2025-10435:40)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10435:40 advisory. kernel: vsock: Keep the binding until socket destruction CVE-2025-21756 kernel: dm-flakey: Fix memory corruption in optional corruptbiobyte feature...
CVE-2025-70161
EDIMAX BR-6208AC V21.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing...
CVE-2009-4409
The 1 CHAP and 2 MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator PPPAC function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack...
CVE-2022-33213
Memory corruption in modem due to buffer overflow while processing a PPP packet...
EDIMAX BR-6208AC 安全漏洞
The EDIMAX BR-6208AC is a wireless broadband router from Taiwan, China's Xunzhou EDIMAX Corporation. A security vulnerability exists in EDIMAX BR-6208AC version V21.02, which stems from improper cleaning of the pppUserName field, which could lead to a command injection attack...
CVE-1999-0160
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections...