Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15350 | 1 Huawei | 38 Dp300, Dp300 Firmware, Ips Module and 35 more | 2018-02-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Common Open Policy Service Protocol (COPS) module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10,SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3206 V100R002C00, V100R002C10,USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50 haa a buffer overflow vulnerability. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted message to the affected products. The vulnerability is due to insufficient input validation of the message, which could result in a buffer overflow. Successful exploit may cause some services abnormal. | |||||
| CVE-2014-8985 | 1 Microsoft | 1 Internet Explorer | 2018-02-23 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, CVE-2014-2823, CVE-2014-4057, and CVE-2014-4145. | |||||
| CVE-2017-12468 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables. | |||||
| CVE-2017-12469 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging incorrect memory allocation. | |||||
| CVE-2017-12466 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access. | |||||
| CVE-2017-12471 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function. | |||||
| CVE-2017-15356 | 1 Huawei | 14 Dp300, Dp300 Firmware, Rp200 and 11 more | 2018-02-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. | |||||
| CVE-2017-15355 | 1 Huawei | 14 Dp300, Dp300 Firmware, Rp200 and 11 more | 2018-02-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. | |||||
| CVE-2017-15354 | 1 Huawei | 14 Dp300, Dp300 Firmware, Rp200 and 11 more | 2018-02-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal. | |||||
| CVE-2018-5788 | 1 Extremewireless | 1 Wing | 2018-02-22 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Denial of Service in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets. | |||||
| CVE-2018-5790 | 1 Extremewireless | 1 Wing | 2018-02-22 | 2.9 LOW | 5.3 MEDIUM |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is Remote, Unauthenticated "Global" Denial of Service in the RIM (Radio Interface Module) over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets. | |||||
| CVE-2018-5796 | 1 Extremewireless | 1 Wing | 2018-02-22 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command. | |||||
| CVE-2017-15342 | 1 Huawei | 8 Dp300, Dp300 Firmware, Espace U1981 and 5 more | 2018-02-22 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace U1981 V200R003C30SPC100 have a denial of service vulnerability. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in the buffer and then denial of service. | |||||
| CVE-2009-1437 | 1 Coolplayer | 1 Coolplayer | 2018-02-22 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 and earlier allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408. | |||||
| CVE-2017-15655 | 1 Asus | 1 Asuswrt | 2018-02-21 | 9.3 HIGH | 9.6 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages. | |||||
| CVE-2012-0759 | 1 Adobe | 1 Shockwave Player | 2018-02-20 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771. | |||||
| CVE-2018-5701 | 1 Iolo | 1 System Shield | 2018-02-15 | 10.0 HIGH | 9.8 CRITICAL |
| In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003. | |||||
| CVE-2018-6537 | 1 Flexense | 1 Syncbreeze | 2018-02-15 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121. | |||||
| CVE-2018-0510 | 1 Kkcald Project | 1 Kkcald | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in epg search result viewer (kkcald) 0.7.19 and earlier allows remote attackers to perform unintended operations or execute DoS (denial of service) attacks via unspecified vectors. | |||||
| CVE-2017-13696 | 1 Flexense | 4 Diskpulse, Disksavvy, Dupscout and 1 more | 2018-02-13 | 10.0 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request. | |||||