EUVD-2022-26095

Malicious code in bioql PyPI...

CVE-2022-20845 Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability

A vulnerability in the TL1 function of Cisco Network Convergence System NCS 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability b...

CVE-2022-20845 Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability

A vulnerability in the TL1 function of Cisco Network Convergence System NCS 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability b...

AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)

IBM SECURITY ADVISORY First Issued: Thu Jun 20 15:10:42 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curladvisory5.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl CVE-2024-0853...

Multiple vulnerabilities in OpenSSL affect AIX

IBM SECURITY ADVISORY First Issued: Tue Jan 24 09:22:21 CST 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory37.asc Security Bulletin: Multiple vulnerabilities in OpenSSL affect AIX...

Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability

A vulnerability in the TL1 function of Cisco Network Convergence System NCS 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability b...

Cisco IOS XE TL1 Request Handling RCE (cisco-sa-20161102-tl1)

According to its self-reported version and model, the Cisco IOS XE software running on the remote ASR device is affected by a remote code execution vulnerability in the Transaction Language 1 TL1 code due to an overflow condition caused by improper bounds checking on certain input when handling T...

CVE-2016-6441

A vulnerability in the Transaction Language 1 TL1 code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers ASR902, ASR90...

Design/Logic Flaw

A vulnerability in the Transaction Language 1 TL1 code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers ASR902, ASR90...

CVE-2016-6441

CVE-2016-6441 affects Cisco ASR 900 Series Aggregation Services Routers (ASR902/903/907) running Cisco IOS XE, where the TL1 code processes input and fails bounds checks, allowing an unauthenticated remote attacker to cause a reload or execute arbitrary code. Affected releases include 3.17.0S–3.1...

Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability

A vulnerability in the Transaction Language 1 TL1 code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks o...

CVE-2004-1436

The CVE-2004-1436 issue affects Cisco ONS TL1 login interfaces on Cisco ONS 15327 (4.6(0)/4.6(1)) and 15454/15454 SDH (4.6(0)/4.6(1)). It allows remote authenticated access by logging in with a password longer than 10 characters when the account password is blank, enabling unauthorized access. Th...

CVE-2004-1436

The Transaction Language 1 TL1 login interface in Cisco ONS 15327 4.60 and 4.61 and 15454 and 15454 SDH 4.60 and 4.61, when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters...