Lucene search
K

309 matches found

SUSE Linux
SUSE Linux
added 2025/02/03 4:32 p.m.0 views

Security update for rsync

This update for rsync fixes the following issues: Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

7.2AI score
Exploits0References2
OSV
OSV
added 2025/02/03 4:32 p.m.2 views

SUSE-SU-2025:0340-1 Security update for rsync

This update for rsync fixes the following issues: - Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities...

7.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/03 12:0 a.m.3 views

PT-2025-5680 · Rsync · Rsync

Name of the Vulnerable Software and Affected Versions: rsync affected versions not specified Description: The issue concerns recent vulnerabilities in rsync. An update bumps the rsync protocol version to 32, indicating that the server is patched against these vulnerabilities. Recommendations: At...

7AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.8 views

The vulnerability of the Juniper Tunnel Driver (JTD) driver for Juniper Networks’ Junos OS Evolved operating systems allows a hacker to induce a service failure.

The vulnerability of the Juniper Tunnel Driver JTD driver for Juniper Networks’ Junos OS Evolved operating systems is related to the lack of memory release after the effective lifespan of the driver. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending...

7.8CVSS5.5AI score0.00587EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/01/09 7:15 p.m.4 views

CVE-2025-21598

An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon rpd allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects:...

8.2CVSS5.8AI score0.00702EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.13 views

PT-2025-4310

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue concerns the Linux kernel's handling of IPv6 packets with extension headers. Specifically, it affects devices that advertise NETIF F IPV6 CSUM, which is a feature for checksumming pla...

5.5CVSS6.6AI score0.00208EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/20 12:0 a.m.10 views

The vulnerability of the Linux operating system’s kernel’s ipv6 component, which allows a hacker to trigger a service failure

The vulnerability of the ipv6 component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.4AI score0.0027EPSS
Exploits0References45Affected Software6
SUSE Linux
SUSE Linux
added 2024/12/06 7:3 p.m.1 views

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

7.8CVSS8.5AI score0.01166EPSS
Exploits2References100
CNNVD
CNNVD
added 2024/11/27 12:0 a.m.3 views

Contiki-NG 安全漏洞

Contiki-NG is a Contiki-NG open source operating system for resource-constrained devices in the Internet of Things. A security vulnerability exists in Contiki-NG 4.9 and earlier versions, which stems from a lack of valid validation of the next-hop address, which could result in uncontrolled...

8.7CVSS6.5AI score0.00538EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.9 views

PT-2024-37063

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, involving IPv6 and device removal. The issue occurred during device removal in the pmtu.sh self-test, causing an aperiodic hangup...

5.5CVSS5.3AI score0.00203EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/10/31 12:8 a.m.7 views

mod_http2: DoS by null pointer in websocket over HTTP/2

A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process...

5.4CVSS5.7AI score0.01715EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.4 views

kernel: tunnels: fix out of bounds access when building IPv6 PMTU error

A flaw was found in the Linux kernel. This issue occurs due to the improper handling of non-linear skbs socket buffers when calculating checksums for ICMPv6 PMTU error messages. This vulnerability can lead to out-of-bounds access, potentially causing memory corruption or crashes...

7.1CVSS7.2AI score0.00237EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 1:17 a.m.2 views

kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...

5.5CVSS7.3AI score0.00257EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.245 views

TeamTalk Gather Credentials

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamTalk Gather Credentials', 'Description' = %q This module retrieves user credentials from BearWare TeamTalk. Valid administrator credentials a...

7.4AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/08/10 7:0 a.m.4 views

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily e.g. leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

...

7.5CVSS6.5AI score0.0094EPSS
Exploits0
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.3 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential race condition issue in the ipv6 component in the fib6droppcpufrom function that could lead to...

4.7CVSS7.6AI score0.0027EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/10 12:18 a.m.3 views

kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...

5.5CVSS7.3AI score0.00257EPSS
Exploits0References5
Kitploit
Kitploit
added 2024/06/24 12:30 p.m.96 views

Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :- Its main objective is to provide unique representations fingerprints of malware requests, which help in their identification. Unique means here that each fingerprint should be seen...

7AI score
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/06/14 12:0 a.m.5 views

The vulnerability of the __fib6_rule_action() function in the Linux operating system’s IPv6 kernel implementation allows a hacker to induce a service failure.

The vulnerability of the fib6ruleaction function in the net/ipv6/fib6rules.c module of the Linux operating system’s IPv6 kernel implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

5.5CVSS6.6AI score0.00289EPSS
Exploits0References50Affected Software5
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.19 views

OpenSSL 0.9.7 < 0.9.7h Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.7h. It is, therefore, affected by a vulnerability as referenced in the 0.9.7h advisory. - The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option,...

5CVSS6.5AI score0.04866EPSS
Exploits0References3
Rows per page
Query Builder