Lucene search
K

159 matches found

CNNVD
CNNVD
added 2024/02/27 12:0 a.m.3 views

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from an out-of-bounds read when segmenting IPv4 packets...

7.1CVSS6.5AI score0.0023EPSS
Exploits0References4
OSV
OSV
added 2023/11/21 2:55 p.m.5 views

USN-6494-1 linux, linux-aws, linux-aws-hwe, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

7.8CVSS7AI score0.00856EPSS
Exploits1References10
OSV
OSV
added 2023/10/31 12:51 p.m.8 views

USN-6461-1 linux-oem-6.1 vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...

7.8CVSS6.8AI score0.00888EPSS
Exploits2References8
BDU FSTEC
BDU FSTEC
added 2023/10/09 12:0 a.m.4 views

The vulnerability of the ipv4_send_dest_unreach() function in the net/ipv4/route.c module of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the ipv4senddestunreach function in the net/ipv4/route.c module of the Linux kernel is related to the assignment of a null pointer. Exploitation of this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00406EPSS
Exploits1References23Affected Software6
Positive Technologies
Positive Technologies
added 2023/08/01 12:0 a.m.4 views

PT-2023-25535 · I2P · I2P

Name of the Vulnerable Software and Affected Versions: i2p versions prior to 2.3.0 Description: The issue allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services aka eepsites via a correlation attack across the IPv4 and IPv6 addresses that occurs when a tunneled, replayed...

3.7CVSS7.1AI score0.00474EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.3 views

SUSE CVE-2011-3326

The ospfflood function in ospfflood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash via an invalid Link State Advertisement LSA type in an IPv4 Link State Update message...

5CVSS6.8AI score0.04628EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.3 views

SUSE CVE-2014-8680

The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service assertion failure and named exit via vectors related to 1 the lack of GeoIP databases for both IPv4 and IPv6, or 2 IPv6 support with certain options...

5.4CVSS7.5AI score0.08987EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.3 views

SUSE CVE-2020-11900

The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free...

8.2CVSS8.8AI score0.1285EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/06/30 9:7 p.m.2 views

kernel: buffer overflow in IPsec ESP transformation code

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.8CVSS6.8AI score0.05524EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2022/06/16 3:26 p.m.6 views

grub2: Integer underflow in grub_net_recv_ip4_packets

A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands wri...

8.1CVSS7.6AI score0.01284EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/06/16 1:52 p.m.6 views

grub2: Integer underflow in grub_net_recv_ip4_packets

A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands wri...

8.1CVSS7.6AI score0.01284EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/06/09 12:0 a.m.7 views

The vulnerability of the Lightspeed-Plus operating system for Cisco IOS XR routers of the Cisco ASR 9000 family allows a attacker to trigger a service failure.

The vulnerability of the Lightspeed-Plus operating system for Cisco IOS XR routers of the Cisco ASR 9000 family relates to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted IPv4 or...

8.6CVSS6.6AI score0.01423EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/07 4:14 p.m.7 views

CLSA-2022-1649348075 Fix CVE(s): CVE-2021-4189

SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/testftplib.py. - CVE-2021-4189...

5.3CVSS6.9AI score0.02511EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/01 12:0 a.m.5 views

Arista Strata 安全漏洞

Arista Networks Arista Strata is a network switch from Arista Networks. A security vulnerability exists in the Arista Strata that stems from a mismatch in the IP protocol field between a rule in a port's IPv4 access list and a rule on a "vxlan" as a protocol...

7.5CVSS7.3AI score0.00706EPSS
Exploits0References2
OSV
OSV
added 2021/12/25 2:15 a.m.3 views

CVE-2021-45487

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures...

7.5CVSS5.8AI score0.00964EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/04/16 12:0 a.m.5 views

The vulnerability of the IPv4/ICMPv4 protocol stack in the Trace TCP/IP implementation allows a attacker to gain unauthorized access to protected information.

The vulnerability of the IPv4/ICMPv4 protocol stack in the TCP/IP stack is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

9.4CVSS8AI score0.18728EPSS
Exploits2References4Affected Software146
OSV
OSV
added 2021/03/24 8:15 p.m.0 views

CVE-2021-1446

A vulnerability in the DNS application layer gateway ALG functionality used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected...

7.5CVSS7.1AI score0.01494EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.6 views

The vulnerability of the IPv4 traffic processing service of the StarOS operating system, which allows a hacker to cause a service failure.

The vulnerability of the IPv4 traffic processing service of the StarOS operating system is related to a memory release error. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

5.8CVSS7.6AI score0.01284EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/01/15 6:15 p.m.6 views

CVE-2021-0222

A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...

7.4CVSS7.1AI score0.00639EPSS
Exploits0References1
OSV
OSV
added 2020/10/27 8:15 p.m.2 views

CVE-2019-8580

Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References2
Rows per page
Query Builder