A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly sanitize user input when creating new SNMP users.
This could allow
A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled da
A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGI_WizardProtoProcess of the file /api/wizard/ge
Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing
A vulnerability has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014 and classified as critical. This vulnerability affects the function FCGI_WizardProtoProcess
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.
Only
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affe
An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. A unauthenticated remote atta
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP res
A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header
A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker.
Users are recommended to upgrade to version 2.4.67, which fixes thi
A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service.
A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is an unknown f
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs
A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker t
An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header, potential
Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a rem
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of