MiracleLinux 3 : kernel-2.6.18-128.17.AXS3 (AXSA:2010-272:04)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-272:04 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security issues fixed with this release: CVE-2010-1188 Use-after-free...

Linux Distros Unpatched Vulnerability : CVE-2022-24903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...

CVE-2022-49330

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpmtupprobesuccess vs wrong sndcwnd syzbot got a new report 1 finally pointing to a very old bug, added in initial support for MTU probing. tcpmtuprobe has checks about starting an MTU probe if tcpsndcwndtp = 11. But...

Rockwell Automation Stratix 5900 Improper Input Validation (CVE-2014-2109)

A vulnerability in the TCP Input module of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of the affected device which could lead to a denial of service DoS condition. The vulnerability is due to the way certain sequences of TCP packets are...

SUSE CVE-2007-5501

The tcpsacktagwritequeue function in net/ipv4/tcpinput.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service crash via crafted ACK responses that trigger a NULL pointer dereference...

SUSE CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

PT-2022-25295 · Siemens · Siplus Hmi Ktp900 Basic +9

Name of the Vulnerable Software and Affected Versions: SIMATIC HMI Comfort Panels incl. SIPLUS variants versions prior to V17 Update 4 SIMATIC HMI KTP Mobile Panels versions prior to V17 Update 4 SIMATIC HMI KTP1200 Basic versions prior to V17 Update 5 SIMATIC HMI KTP400 Basic versions prior to V...

CVE-2020-24341

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in picotcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Servic...

CVE-2020-24341

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in picotcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Servic...

CVE-2020-24341

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in picotcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Servic...

Nzyme - Collects 802.11 Management Frames And Sends Them To A Graylog Setup For Wifi Ids, Monitoring, And Incident Response

Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog Open Source log management setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. Think about this like a long-term months or years...

kernel: a BUG() statement can be hit in net/ipv4/tcp_input.c

It was discovered that the Linux kernel since 3.6-rc1 with 'net.ipv4.tcpfastopen' set to 1 can hit BUG statement in tcpcollapse function after making a number of certain syscalls leading to a possible system crash...

kernel: a BUG() statement can be hit in net/ipv4/tcp_input.c

It was discovered that the Linux kernel since 3.6-rc1 with 'net.ipv4.tcpfastopen' set to 1 can hit BUG statement in tcpcollapse function after making a number of certain syscalls leading to a possible system crash...

CVE-2015-0646

Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service memory consumption or device reload by...

Memory corruption

Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service memory consumption or device reload by...

CVE-2015-0646

Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service memory consumption or device reload by...

Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability

A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device. The vulnerability is due to improper handling of certain crafted packet sequences used in establishing ...

Kernel: net: tcp: potential DoS via SYN+FIN messages

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

Cisco IOS Software Multiple Network Address Translation (NAT) Denial of Service Vulnerabilities (cisco-sa-20140326-nat)

According to its self-reported version, the version of Cisco IOS running on the remote host is affected by multiple denial of service vulnerabilities in the Network Address Translation NAT implementation : - An issue exists in the TCP Input module due to the improper handling of certain sequences...

CVE-2014-2109

The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service memory consumption or device reload via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494...