Page 6 of 55 results (0.023 seconds)

CVSS: 7.5EPSS: 15%CPEs: 63EXPL: 0

CVE-2018-7185 – Ubuntu Security Notice USN-3707-2

https://notcve.org/view.php?id=CVE-2018-7185

01 Mar 2018 — The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. El motor de protocolo en ntp, en versiones 4.2.6 anteriores a la 4.2.8p11, permite que atacantes remotos provoquen una denegación de servicio (interrupción) mediante el envío continuado de un paquete con una marc... • http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html •

CVSS: 5.6EPSS: 94%CPEs: 1467EXPL: 10

CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure

https://notcve.org/view.php?id=CVE-2017-5753

04 Jan 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have imp... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-15895

https://notcve.org/view.php?id=CVE-2017-15895

08 Dec 2017 — Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter. Una vulnerabilidad de salto de directorio en SYNO.FileStation.Extract en Synology Router Manager (SRM) en versiones anteriores a la 1.1.5-6542-4 permite que usuarios remotos autenticados escriban archivos arbitrarios mediante el parámetro dest_folder_path. • https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 68%CPEs: 54EXPL: 4

CVE-2017-14491 – Dnsmasq < 2.78 - 2-byte Heap Overflow

https://notcve.org/view.php?id=CVE-2017-14491

02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada. A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replie... • https://packetstorm.news/files/id/144480 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12077

https://notcve.org/view.php?id=CVE-2017-12077

28 Aug 2017 — Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack. Una vulnerabilidad de consumo de recursos sin control en SYNO.Core.PortForwarding.Rules en Synology Router Manager (SRM) para versiones anteriores a la 1.1.4-6509 permite a un atacante autenticado remoto agotar los recursos de memoria de la máquina, provocan... • https://www.synology.com/en-global/support/security/Synology_SA_17_49_SRM • CWE-400: Uncontrolled Resource Consumption •