Lucene search
K

79 matches found

NVD
NVD
added 2019/10/09 5:15 p.m.19 views

CVE-2019-17389

In RIOT 2019.07, the MQTT-SN implementation asymcute mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker via a large packet to prevent a RIOT MQTT-SN client from working until the device is restarted...

7.8CVSS7.4AI score0.01382EPSS
Exploits0References1
Prion
Prion
added 2019/10/09 5:15 p.m.12 views

Design/Logic Flaw

In RIOT 2019.07, the MQTT-SN implementation asymcute mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker via a large packet to prevent a RIOT MQTT-SN client from working until the device is restarted...

7.8CVSS7.4AI score0.01382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/09 4:6 p.m.52 views

CVE-2019-17389

In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors during a UDP read, causing the receive loop to terminate. This can allow an attacker to disrupt a RIOT MQTT-SN client by sending a large packet, preventing operation until the device is restarted. (CVE-2019-17389)

7.8CVSS7.3AI score0.01382EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2019/01/15 9:17 a.m.59 views

Remote Code Execution (RCE)

log4j is vulnerable to remote code execution RCE. A malicious user can pass a malicious binary to the system that when deserialized, executes arbitrary code. This only affects applications that are using the TCP socket server or the UDP socket server to receive log events from another application...

9.8CVSS9.8AI score0.8904EPSS
Exploits2References123Affected Software85
Prion
Prion
added 2017/04/17 9:59 p.m.31 views

Code injection

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code...

7.5CVSS9.3AI score0.8904EPSS
Exploits2References82Affected Software73
NVD
NVD
added 2017/04/17 9:59 p.m.34 views

CVE-2017-5645

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code...

9.8CVSS9.5AI score0.8904EPSS
Exploits2References82
Packet Storm
Packet Storm
added 2017/03/12 12:0 a.m.75 views

MobaXterm Personal Edition 9.4 Path Traversal

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt + ISR: ApparitionSec Vendor: ===================== mobaxterm.mobatek.net Product: ===============================...

5.3AI score0.07796EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.32 views

Fedora 22 : qemu-2.3.1-7.fc22 (2015-d5c1048b47)

CVE-2015-7295: virtio-net possible remote DoS bz 1264393 drive-mirror: Fix coroutine reentrance bz 1266936 Fix udp socket 'localaddr' bz 1268708 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

5CVSS7.5AI score0.04935EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.44 views

LBreakOut2 2.x Login Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8021/info It has been reported that lbreakout2 is vulnerable to a format string issue in the login component. This may result in an attacker executing arbitrary code on a vulnerable host. / lbreakout2-2.5+: remote format...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.60 views

Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2011-1380)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1380 advisory. 1:1.6.0.0-1.40.1.9.10 - Resolves: rhbz744788 - Bumped to IcedTea6 1.9.8 -removed font copying Security fixes - S7000600, CVE-2011-3547: InputStream...

10CVSS8.1AI score0.96714EPSS
Exploits19References14
Tenable Nessus
Tenable Nessus
added 2012/01/19 12:0 a.m.45 views

RHEL 6 : java-1.6.0-ibm (RHSA-2012:0034)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0034 advisory. The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes...

10CVSS7.6AI score0.96714EPSS
Exploits19References40
RedHat Linux
RedHat Linux
added 2012/01/18 7:22 p.m.12 views

OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking...

2.6CVSS7.4AI score0.02905EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2011/10/19 12:0 a.m.49 views

RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2011:1380)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1380 advisory. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A flaw was found in the Java R...

10CVSS8.4AI score0.96714EPSS
Exploits19References31
Prion
Prion
added 2009/08/27 5:30 p.m.28 views

Null pointer dereference

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

7.2CVSS6.5AI score0.07121EPSS
Exploits18References26Affected Software12
NVD
NVD
added 2009/08/27 5:30 p.m.28 views

CVE-2009-2698

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

7.8CVSS7.2AI score0.07121EPSS
Exploits18References26
Tenable Nessus
Tenable Nessus
added 2009/08/25 12:0 a.m.37 views

RHEL 5 : kernel (RHSA-2009:1222)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1222 advisory. - kernel: uninit op in SOCKOPSWRAP leads to privesc CVE-2009-2692 - kernel: udp socket NULL ptr dereference CVE-2009-2698 Note that Nessus h...

7.8CVSS6.4AI score0.14633EPSS
Exploits35References7
0day.today
0day.today
added 2007/08/13 12:0 a.m.19 views

WengoPhone 2.x SIP Phone Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================= WengoPhone 2.x SIP Phone Remote Denial of Service Exploit ========================================================= /main.cpp/ include include using namespace std; ifdef WIN32 include prag...

7AI score
Exploits0
exploitpack
exploitpack
added 2006/11/30 12:0 a.m.38 views

3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Remote Overflow

3Com TFTP Service 3CTftpSvc 2.0.1 - Long Transporting Mode Remote Overflow 3comtftpdxpsp2.rb Copyright C cthulhu This is a poc intended to exploit the 3Com TFTP Service version 2.0.1 long transporting mode buffer overflow under xp sp2 english Vulnerability discovered by Liu Qixu Usage : ruby...

7.5AI score
Exploits0
0day.today
0day.today
added 2005/11/11 12:0 a.m.28 views

Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)

Exploit for linux platform in category remote exploits =============================================================== Snort hey xwings 03:07 why don't you come up and see me sometime? Tested on : Linux debian24 2.4.27-2-386 1 Mon May 16 16:47:51 JST 2005 i686 GNU/Linux gcc version 3.3.5 Debian...

7.1AI score
Exploits0
Rows per page
Query Builder