CVE-2014-2359

OleumTech Wireless Sensor Network devices allow remote attackers to obtain sensitive information about sensor nodes or spoof devices by reading cleartext protocol data...

CVE-2017-10607

Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit PDU sent directly to the router, which can cause the RPD routing process to crash and restart. Unlike BGP UPDATEs, which are transitive in nature, this...

CVE-2017-5898

Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...

FreeBSD : X.org libraries -- multiple vulnerabilities (1cf65085-a760-41d2-9251-943e1af62eb8)

Matthieu Herrb reports : Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. These issue come in...

Design/Logic Flaw

The Aggregated MAC Protocol Data Unit AMPDU implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service device reload via a crafted AMPDU header, aka Bug ID CSCuz56288...

The vulnerability of the NX-OS network operating system allows a hacker to induce a maintenance failure.

The vulnerability of the NX-OS network operating system exists due to insufficient checking of PDU fragments in SNMP packets. Exploiting this vulnerability can allow a malicious actor to trigger a service failure reloading of the SNMP application by using a specially crafted packet...

Cisco Nexus 5500 / 5600 / 6000 SNMP DoS (cisco-sa-20160302-n5ksnmp)

The remote Cisco Nexus device is affected by a denial of service vulnerability in the Simple Network Management Protocol SNMP service due to improper validation of SNMP Protocol Data Units PDUs in SNMP packets. An unauthenticated, remote attacker can exploit this vulnerability, via a crafted SNMP...

Wireshark UMTS FP Parser Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. Wireshark version 1.12.x prior to 1.12.9, the function dissecthsdschchannelinfo in epan/dissectors/packet-umtsfp.c in the UMTS FP parser does not validate the number of PDUs, and by constructing a packet, a remote attacker can exploit this...

DEBIAN-CVE-2015-8712

The dissecthsdschchannelinfo function in epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service application crash via a crafted packet...

UBUNTU-CVE-2015-8712

The dissecthsdschchannelinfo function in epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service application crash via a crafted packet...

wireshark: AMQP dissector crash (wnpa-sec-2014-21)

Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service application crash via a crafted amqp010 PDU in a packet...

net-snmp: snmp_pdu_parse() incompletely parsed varBinds left in list of variables

It was discovered that the snmppduparse function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd...

CURL-CVE-2015-3237 SMB send off unrelated memory contents

libcurl can get tricked by a malicious SMB server to send off data it did not intend to. In libcurl's state machine function handling the SMB protocol smbrequeststate, two length and offset values are extracted from data that has arrived over the network, and those values are subsequently used to...

CVE-2015-2153

The rpkirtrpduprint function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read or write and crash via a crafted header length in an RPKI-RTR Protocol Data Unit PDU...

FreeBSD : libXfont -- X Font Service Protocol and Font metadata file handling issues (b060ee50-daba-11e3-99f2-bcaec565249c)

Alan Coopersmith reports : Ilja van Sprundel, a security researcher with IOActive, has discovered several issues in the way the libXfont library handles the responses it receives from xfs servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most of these...

libXfont -- X Font Service Protocol and Font metadata file handling issues

Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered several issues in the way the libXfont library handles the responses it receives from xfs servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most of these...

UBUNTU-CVE-2012-3420

Multiple memory leaks in Performance Co-Pilot PCP before 3.6.5 allow remote attackers to cause a denial of service memory consumption or daemon crash via a large number of PDUs with 1 a crafted context number to the DoFetch function in pmcd/src/dofetch.c or 2 a negative type value to the pmGetPDU...

Code injection

The cat6000-dot1x component in Cisco IOS 12.2 before 12.233SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service traffic storm via unspecified vectors that trigger many unicast EAPoL Protocol Data Units PDU...

CVE-2008-4770

Removed by vendor...

RealVNC VNC Viewer < 4.1.3/4.4.3 Arbitrary Command Execution

The version of RealVNC's VNC Viewer installed on the remote Windows host is affected by multiple issues : - An error in the 'CMsgReader::readRect' function in 'common/rfb/CMsgReader.cxx' that comes into play when processing encoding types, may allow arbitrary code execution on the remote system. ...