Lucene search
K

169 matches found

RedHat Linux
RedHat Linux
added 2022/06/16 1:52 p.m.7 views

grub2: Integer underflow in grub_net_recv_ip4_packets

A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands wri...

8.1CVSS7.6AI score0.01284EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/06/09 12:0 a.m.7 views

The vulnerability of the Lightspeed-Plus operating system for Cisco IOS XR routers of the Cisco ASR 9000 family allows a attacker to trigger a service failure.

The vulnerability of the Lightspeed-Plus operating system for Cisco IOS XR routers of the Cisco ASR 9000 family relates to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted IPv4 or...

8.6CVSS6.6AI score0.01423EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/07 4:14 p.m.7 views

CLSA-2022-1649348075 Fix CVE(s): CVE-2021-4189

SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/testftplib.py. - CVE-2021-4189...

5.3CVSS6.9AI score0.02602EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/01 12:0 a.m.5 views

Arista Strata 安全漏洞

Arista Networks Arista Strata is a network switch from Arista Networks. A security vulnerability exists in the Arista Strata that stems from a mismatch in the IP protocol field between a rule in a port's IPv4 access list and a rule on a "vxlan" as a protocol...

7.5CVSS7.3AI score0.00706EPSS
Exploits0References2
OSV
OSV
added 2021/12/25 2:15 a.m.4 views

CVE-2021-45487

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures...

7.5CVSS5.8AI score0.00964EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/04/16 12:0 a.m.6 views

The vulnerability of the IPv4/ICMPv4 protocol stack in the Trace TCP/IP implementation allows a attacker to gain unauthorized access to protected information.

The vulnerability of the IPv4/ICMPv4 protocol stack in the TCP/IP stack is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

9.4CVSS8AI score0.18728EPSS
Exploits2References4Affected Software146
OSV
OSV
added 2021/03/24 8:15 p.m.1 views

CVE-2021-1446

A vulnerability in the DNS application layer gateway ALG functionality used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected...

7.5CVSS7.1AI score0.01494EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/02/08 12:0 a.m.6 views

The vulnerability of the IPv4 traffic processing service of the StarOS operating system, which allows a hacker to cause a service failure.

The vulnerability of the IPv4 traffic processing service of the StarOS operating system is related to a memory release error. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

5.8CVSS7.6AI score0.01284EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/01/15 6:15 p.m.6 views

CVE-2021-0222

A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...

7.4CVSS7.1AI score0.00639EPSS
Exploits0References1
OSV
OSV
added 2020/10/27 8:15 p.m.2 views

CVE-2019-8580

Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/10/20 8:2 p.m.4 views

python: DoS via inefficiency in IPv{4,6}Interface classes

A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...

5.9CVSS6.8AI score0.12826EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2020/06/17 10:51 a.m.1 views

CVE-2020-11909

The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow...

6.6AI score0.03591EPSS
Exploits1References9
CNVD
CNVD
added 2019/11/09 12:0 a.m.1 views

Linux kernel input validation error vulnerability (CNVD-2019-40470)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An input validation error vulnerability exists in the net/ipv4/sysctlnetipv4.c file in versions of Linux kernel prior to 5.0.11. The vulnerability stems from a network...

9.8CVSS7.6AI score0.03431EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/05/01 12:0 a.m.4 views

PT-2019-2041 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Internet Key Exchange Version 2 Mobility and...

8.6CVSS8.5AI score0.02039EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.6 views

The vulnerability of the Network Address Translation implementation in the Cisco IOS operating system allows a hacker to induce a service failure.

The vulnerability of the Network Address Translation 64 NAT64 implementation in Cisco IOS operating systems exists due to errors in the processing of IPv4 packets. Exploiting this vulnerability can allow a remote attacker to cause a system to stop responding or restart the device, resulting in...

7.8CVSS7.4AI score0.02516EPSS
Exploits0References2
CNVD
CNVD
added 2019/03/28 12:0 a.m.9 views

Cisco IOS NAT64 Denial of Service Vulnerability

Cisco IOS is the United States Cisco Cisco company's set of operating system developed for its network equipment. A denial of service vulnerability exists in the Network Address Translation 64 NAT64 feature of Cisco IOS, which arises from the program's failure to properly process IPv4 packet...

8.6CVSS6.8AI score0.02516EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/02/11 12:0 a.m.8 views

PT-2019-10115

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.12.0 through 0.17.1 Bitcoin Knots versions 0.12.0 through 0.17.x before 0.17.1.knots20181229 Description: The issue allows local users to exploit Incorrect Access Control, potentially leading to currency theft. This is...

5.5CVSS6.1AI score0.00349EPSS
Exploits0References18
OSV
OSV
added 2019/01/15 9:29 p.m.3 views

CVE-2019-0013

The routing protocol daemon RPD process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service DoS condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this...

7.5CVSS5.8AI score0.01706EPSS
Exploits0References2
OSV
OSV
added 2019/01/15 9:29 p.m.4 views

CVE-2019-0005

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...

5.3CVSS5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/10/30 12:31 p.m.7 views

kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)

A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU...

7.8CVSS7.1AI score0.24575EPSS
Exploits0References6
Rows per page
Query Builder