CVE-2011-4650

Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.21. Known Fixed Releases: 6.00SL10.14...

Code injection

Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.21. Known Fixed Releases: 6.00SL10.14...

CVE-2011-4650

Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.21. Known Fixed Releases: 6.00SL10.14...

CVE-2017-2348

The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high CPU utilization and repeated crashes of the jdhcpd daemon can result in a denial of service as DHCP service is interrupted. No other Juniper Networks...

CVE-2017-2348

The CVE-2017-2348 issue affects Juniper Networks Junos OS where the jdhcpd daemon may experience high CPU utilization or crash when handling invalid IPv6 UDP packets, leading to a denial of service by interrupting DHCP service. Affected releases include Junos OS 14.1X53 before certain D-branch fi...

Citrix SCOM MP for StoreFront causes high memory utilization on Windows Server 2008 R2

Citrix SCOM MP for StoreFront causes high memory usage as well as can spawn many cscript.exe and conhost.exe processes...

Solarwinds LEM 6.3.1 Management Shell Arbitrary File Read Vulnerability

The management shell on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard mapped function which lets the user import a file from the local file...

Prison Inmates Built PCs from e-Waste and Connected Online Using Prison Network

Can you imagine your world without the Internet? I know it's hard to imagine your life without the Internet, and the same was the case of two Ohio prisoners who built personal computers from parts from e-waste, hid them in the ceiling, and connected those PCs to the Internet via the prison's...

Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database

This module scans for Carlo Gavazzi Energy Meters login portals, performs a login brute force attack, enumerates device firmware version, and attempt to extract the SMTP configuration. A valid, admin privileged user is required to extract the SMTP password. In some older firmware versions, the SM...

Cisco ASR 1000 Series Routers Denial of Service Vulnerability

Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software is a set of operating systems from Cisco that run in ASR 1000 Series routers. A security vulnerability exists in the 'Simple Network Management Protocol SNMP' function of Cisco IOS XE Software in Cisco ASR 1000 Serie...

cfme: RCE via Capacity & Utilization feature

A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as...

Important: Red Hat Security Advisory: CFME 5.6.3 security, bug fix, and enhancement update

An update is now available for Red Hat CloudForms 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

CVE-2016-5402

A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as...

Moderate: Red Hat Security Advisory: Red Hat Storage Console 2 security and bug fix update

An update is now available for Red Hat Storage Console 2 for Red Hat Enteprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities + Credits: John Page hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAGIOS-NA-v2.2.1-MULTIPLE-CSRF.txt + ISR: ApparitionSec Vendor: =============== www.nagios.co...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Cisco Web Security Appliance Native FTP Denial of Service Vulnerability

A vulnerability in the native pass-through FTP functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition due to high CPU utilization. The vulnerability is due to how the FTP client terminates the FTP...

Automattic: CPU utilization 99% on visiting wordpress site url & open redirect found

Working POC for making CPU 99% for wordpress user + Login to wordpress account + Visit any of the below url's which are sent by attacker to victim since these are wordpress url so victim will accept & open...

Cisco Web Security Appliance Native FTP Denial of Service Vulnerability

A vulnerability in the native passthrough FTP functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition due to high CPU utilization. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions migh...

Cisco Web Security Appliance Native FTP Denial of Service Vulnerability

A vulnerability in the native passthrough FTP functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition due to high CPU utilization. The vulnerability occurs when the FTP client terminates the FTP contr...