6 matches found
CVE-2016-10708
OpenSSH sshd before 7.4 is vulnerable to a denial of service caused by a NULL pointer dereference when processing an out-of-sequence NEWKEYS message (kex.c/packet.c). This affects the OpenSSH server; exploitation leads to daemon crash as demonstrated by Honggfuzz. Affected products include OpenSS...
CVE-2016-8610
CVE-2016-8610 is a denial-of-service flaw in OpenSSL affecting TLS/SSL alert packet processing during handshakes. The issue exists in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0, enabling a remote attacker to cause high CPU usage and denial of service by sending many alert messages. Con...
CVE-2018-18066
Net-SNMP CVE-2018-18066 is a NULL pointer dereference in snmp_oid_compare() within snmplib/snmp_api.c, affecting Net-SNMP versions before 5.8. An unauthenticated remote attacker can crash the agent by sending a crafted UDP packet, enabling a Denial of Service. Affected product scope includes Net-...
CVE-2018-18065
CVE-2018-18065 affects Net-SNMP before 5.8. The vulnerability is a NULL pointer dereference in _set_key within agent/helpers/table_container.c, which an authenticated attacker can exploit by sending a crafted UDP packet to remotely crash the SNMP service (DoS). Documented CVSS v3 base score is 6....
CVE-2018-5495
The CVE-2018-5495 entry concerns StorageGRID Webscale. Affected product: StorageGRID Webscale Admin Node (all versions). Vulnerability: unauthenticated attacker on the same network can communicate with Admin Node systems via HTTP or take over services on the Admin Node. Underlying impact is confi...
CVE-2017-12422
NetApp StorageGRID Webscale is affected. Versions 10.2.x prior to 10.2.2.3, 10.3.x prior to 10.3.0.4, and 10.4.x prior to 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors. The primary impact is unauthorized deletion of objects; the underlying root caus...