15 matches found
EUVD-2022-38821
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-38622
In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...
CVE-2022-36052
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit a full UDP heade...
SUSE CVE-2024-49949
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...
UBUNTU-CVE-2024-49978
In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation after pull from fraglist Detect gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Valid...
CVE-2024-49949 net: avoid potential underflow in qdisc_pkt_len_init() with UFO
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...
CVE-2022-36052 Out-of-bounds read when decompressing UDP header
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit a full UDP heade...
CVE-2022-36052 Out-of-bounds read when decompressing UDP header
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit a full UDP heade...
The vulnerability of microprogrammed software for controllers CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus relates to errors in processing UDP packet headers. This vulnerability allows an attacker to gain access to protected information or cause a service failure.
The vulnerability of microprogrammed software for controllers CAPITAL VSTAR, APOGEE MBC, APOGEE MEC, APOGEE PXC, TALON TC, and the operating system Nucleus is related to errors in processing the UDP packet header. Exploiting this vulnerability can allow an attacker to gain access to protected...
QEMU 缓冲区错误漏洞
QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the function udp6input using memory outside of the working mbuf buffer when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker could...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service
!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...
NTP MON_GETLIST Query Amplification DDoS
!/usr/bin/perl ntp MONGETLIST query amplification ddos Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg A Network Time Protocol NTP Amplification attack is an emerging form of Distributed Denial of Service DDoS that relies...
暴风影音3.7.11.13 远程拒绝服务漏洞
No description provided by source. ifndef WIN32LEANANDMEAN define WIN32LEANANDMEAN endif include winsock2.h include ws2tcpip.h include stdio.h pragma commentlib, "ws232" // Set the packing to a 1 byte boundary include pshpack1.h // // Define the IPv4 header. Make the version and length field one...
Be BeOS 4.0/4.5/5.0 - IP Packet Length Field
source: https://www.securityfocus.com/bid/1100/info The networking process in BeOS can crash if certain malformed packets are transmitted to it. If the length field is set to a number less than the total length of the IP and protocol TCP or UDP headers alone, the process will halt and require...