Lucene search
K

42 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 includes a patch to address...

6.5CVSS6.8AI score0.01131EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/31 9:11 a.m.88 views

Exploit for CVE-2026-8836

CVE-2026-8836 — lwIP SNMPv3 Stack Overflow PoC Proof of conce...

10CVSS7.7AI score0.01016EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/19 10:37 a.m.10 views

CVE-2026-8836

A flaw was found in lwIP. A remote attacker can exploit a stack-based buffer overflow vulnerability in the snmpparseinboundframe function within the SNMPv3 User-based Security Model USM Handler. By manipulating specific authentication parameters, an attacker could potentially achieve arbitrary co...

10CVSS6.3AI score0.01016EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/18 6:45 p.m.11 views

CVE-2026-8836 lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-based overflow

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

10CVSS7.7AI score0.01016EPSS
Exploits1References6
CVE
CVE
added 2026/05/18 6:45 p.m.39 views

CVE-2026-8836

Summary: lwIP up to 2.2.1 contains a vulnerability in the SNMPv3 USM handler. The issue is in the function snmp_parse_inbound_frame (file: src/apps/snmp/snmp_msg.c) where manipulating msgAuthenticationParameters can cause a stack-based buffer overflow. The attack is potentially remote. A patch is...

10CVSS7.7AI score0.01016EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/25 4:26 p.m.9 views

CVE-2026-20048

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper processing when...

7.7CVSS5.7AI score0.00302EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004189 advisory. In the Linux kernel before 4.20.12, net/ipv4/netfilter/nfnatsnmpbasicmain.c in the SNMP NAT module has insufficient ASN.1 length checks aka an array index error,...

7.8CVSS6.5AI score0.01092EPSS
Exploits2References14
RedhatCVE
RedhatCVE
added 2025/12/05 11:22 p.m.7 views

CVE-2025-13373

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap Port 162 requests, which could allow an attacker to inject SQL commands...

8.7CVSS7.4AI score0.00387EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/17 6:3 a.m.6 views

CVE-2025-55087

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters...

6.3CVSS6.3AI score0.00415EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-16172

Malware in sbrugna...

5.3CVSS5.5AI score0.00838EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/23 12:0 a.m.4 views

PT-2025-9097 · Git +1 · Net-Snmp

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A heap buffer overflow issue was identified, which can cause a crash. The crash occurs during the setup engineID, init snmpv3 post premib config, and snmp call callbacks functions...

7.5AI score
Exploits0References2
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.5 views

Siemens SCALANCE Series 访问控制错误漏洞

Siemens SCALANCE Series is a family of industrial communication devices from Siemens, Germany. An access control error vulnerability exists in the Siemens SCALANCE Series that arises from an affected device with the user role being affected by incorrect authorization in the SNMPv3 view...

5.3CVSS6.3AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/07 6:3 p.m.9 views

CVE-2025-21091

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.8AI score0.00436EPSS
Exploits0References3
OSV
OSV
added 2024/09/30 7:15 a.m.3 views

CVE-2024-8450

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges...

9.8CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2024/06/25 11:58 p.m.80 views

CVE-2024-5460

CVE-2024-5460 affects Brocade Fabric OS versions before 9.0.0, where a hard-coded, default SNMP community string in the SNMP daemon config enables an authenticated, remote attacker to read data from the device. Exploitation via SNMP v1 with the static community string is implied; the vulnerabilit...

8.1CVSS8AI score0.00542EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/04/16 8:15 p.m.2 views

DEBIAN-CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS6.7AI score0.01105EPSS
Exploits0References1
OSV
OSV
added 2024/04/16 8:15 p.m.3 views

DEBIAN-CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

6.5CVSS6.7AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/04/16 8:15 p.m.2 views

DEBIAN-CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

5.3CVSS6.8AI score0.01052EPSS
Exploits0References1
OSV
OSV
added 2024/04/16 8:15 p.m.0 views

DEBIAN-CVE-2022-24805

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains...

8.8CVSS7.6AI score0.01299EPSS
Exploits0References1
OSV
OSV
added 2023/08/31 1:15 a.m.3 views

CVE-2023-31925

Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed after an SNMP configurati...

6.5CVSS7.3AI score0.00204EPSS
Exploits0References1
Rows per page
Query Builder