CVE-2022-43636

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by...

CVE-2022-48434

libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...

SUSE CVE-2023-28772

An issue was discovered in the Linux kernel before 5.13.3. lib/seqbuf.c has a seqbufputmemhex buffer overflow...

Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : Rack vulnerabilities (USN-5896-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5896-1 advisory. It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system...

K50046200: BIG-IP TMM vulnerability CVE-2020-5854

Security Advisory Description The Traffic Management Microkernel TMM process may produce a core file when using the connector profile and a specific sequence of connections are received. CVE-2020-5854 Impact The BIG-IP system temporarily fails to process traffic as it recovers from a TMM restart,...

K68401558: BIG-IP virtual server TCP sequence numbers vulnerability

Security Advisory Description Attackers in a privileged network position may be able to obtain TCP sequence numbers SEQ from the BIG-IP system for a short period of time up to 4 seconds that will be reused in future connections with the same source and destination port and IP numbers. Impact...

K11797: Pre-logon sequence vulnerability to token spoofing

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this Solution have not been evaluated for...

K17270: OpenSSH vulnerability CVE-2015-6565

Security Advisory Description sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...

K81674333: Ruby vulnerabilities CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325

Security Advisory Description CVE-2019-8322 An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. CVE-2019-8323 An issue was...

K54436295: Linux kernel vulnerability CVE-2018-17182

Security Advisory Description An issue was discovered in the Linux kernel through 4.18.8. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain thread creation, map, unmap, invalidatio...

K16883: TCP sequence number vulnerability CVE-1999-0077

Security Advisory Description Predictable TCP sequence numbers allow spoofing. CVE-1999-0077 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status To determine if your release is known to be vulnerable, the components or features that are affected...

K3126: Large TCP window sizes may make it easier to predict sequence numbers vulnerability CVE-2004-0230

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribing to email notifications regarding F5 products. Note : Versions that are not listed in this article have not been evaluated for vulnerability to this securit...

K15301: Linux kernel TCP ISN vulnerability CVE-2011-3188

Security Advisory Description The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack...

K37510383: Linux kernel SCTP vulnerability CVE-2015-5283

Security Advisory Description The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service panic or memory corruption by creating SCTP sockets before all of the steps...

K13405416: QEMU vulnerability CVE-2012-3515

Security Advisory Description Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space...

USN-5872-1 nss vulnerabilities

Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. CVE-2022-22747 Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker...

SUSE CVE-1999-0077

Predictable TCP sequence numbers allow spoofing...

SUSE CVE-2000-0328

Windows NT 4.0 generates predictable random TCP initial sequence numbers ISN, which allows remote attackers to perform spoofing and session hijacking...

SUSE CVE-2000-0916

FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers ISN, which allows remote attackers to spoof TCP connections...

SUSE CVE-2001-0328

TCP implementations that use random increments for initial sequence numbers ISN can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN...