Lucene search
K

55 matches found

Vulnrichment
Vulnrichment
added 2024/08/09 5:9 p.m.14 views

CVE-2024-32765 QTS, QuTS hero

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...

4.2CVSS7AI score0.00211EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.3 views

kernel: inet: inet_defrag: prevent sk release while still in use

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

5.5CVSS6.3AI score0.0038EPSS
Exploits1References5
Debian
Debian
added 2024/03/14 1:19 p.m.33 views

[SECURITY] [DSA 5640-1] openvswitch security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5640-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 14, 2024 https://www.debian.org/security/faq -...

7.5CVSS8AI score0.01033EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/03/12 12:0 a.m.13 views

QNAP QuTS hero XSS Vulnerability (QSA-24-11)

QNAP QuTS hero is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.9CVSS4.9AI score0.00333EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/03/12 12:0 a.m.13 views

QNAP QTS XSS Vulnerability (QSA-24-11)

QNAP QTS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...

4.9CVSS4.9AI score0.00333EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/03/11 12:0 a.m.12 views

QNAP QuTScloud XSS Vulnerability (QSA-24-11)

QNAP QuTScloud is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.9CVSS4.9AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 2024/03/08 5:15 p.m.23 views

CVE-2023-32969

A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...

4.9CVSS4.7AI score0.00333EPSS
Exploits0References1
Prion
Prion
added 2024/03/08 5:15 p.m.26 views

Cross site scripting

A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...

3.3CVSS5.8AI score0.00333EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/08 4:17 p.m.31 views

CVE-2023-32969 Network & Virtual Switch

A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...

4.9CVSS5AI score0.00333EPSS
Exploits0References1
CVE
CVE
added 2024/03/08 4:17 p.m.69 views

CVE-2023-32969

Summary (CVE-2023-32969) A cross-site scripting (XSS) vulnerability affects QNAP’s Network & Virtual Switch across multiple product lines (QuTScloud, QTS, QuTS hero). The issue allows authenticated administrators to inject malicious code via a network. Affected/fixed versions: QuTScloud c5.1.5.26...

4.9CVSS4.7AI score0.00333EPSS
Exploits0References1Affected Software3
Vulnrichment
Vulnrichment
added 2024/03/08 4:17 p.m.20 views

CVE-2023-32969 Network & Virtual Switch

A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...

4.9CVSS5.5AI score0.00333EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2023/11/26 12:0 a.m.36 views

Open vSwitch: Multiple Vulnerabilities

Background Open vSwitch is a production quality multilayer virtual switch. Description Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There i...

9.8CVSS7.7AI score0.08026EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/10 11:37 a.m.59 views

USN-6068-1: Open vSwitch vulnerability

David Marchand discovered that Open vSwitch incorrectly handled IP packets with the protocol set to 0. A remote attacker could possibly use this issue to cause a denial of service...

8.2CVSS6.9AI score0.01216EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/01/01 12:0 a.m.20 views

Debian: Security Advisory (DLA-3253-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.01324EPSS
Exploits0References3
Debian
Debian
added 2022/12/31 2:57 p.m.75 views

[SECURITY] [DLA 3253-1] openvswitch security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3253-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb December 31, 2022 https://wiki.debian.org/LTS -...

9.8CVSS9.8AI score0.01324EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/10/25 11:23 a.m.44 views

USN-5698-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.1CVSS8.2AI score0.00551EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/08 11:21 a.m.109 views

USN-5065-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled decoding RAWENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.5CVSS6.6AI score0.0118EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/08/23 5:15 a.m.40 views

CVE-2021-38598

OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...

9.1CVSS6.6AI score0.0121EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/06/16 10:59 a.m.5 views

lldp/openvswitch: denial of service via externally triggered memory leak

A flaw was found in multiple versions of Open vSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...

7.5CVSS5.7AI score0.03235EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/02/17 12:0 a.m.27 views

Debian DSA-4852-1 : openvswitch - security update

Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

7.8CVSS7.4AI score0.08026EPSS
Exploits0References5
Rows per page
Query Builder