Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco unified ip phone 8865 firmware vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2020-25685
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is c...
Thekelleys DnsmasqFedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 10.0Arista Eos
4.3
CVSSv2
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 ...
Thekelleys DnsmasqFedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 10.0Arista Eos
8.3
CVSSv2
CVE-2020-25681
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow exists in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buff...
Thekelleys DnsmasqFedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 9.0Debian Debian Linux 10.0
8.3
CVSSv2
CVE-2020-25682
A flaw was found in dnsmasq prior to 2.83. A buffer overflow vulnerability exists in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with...
Thekelleys DnsmasqFedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 9.0Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Freebsd Freebsd 12.2Netapp Santricity Smi-s Provider -Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Oncommand Insight -Netapp Ontap Select Deploy Administration Utility -Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Performance Analyzer -Tenable Tenable.scTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Tenable Log Correlation EngineFedoraproject Fedora 34
2.9
CVSSv2
CVE-2017-13081
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 8.0Freebsd Freebsd 11Redhat Enterprise Linux Server 7Redhat Enterprise Linux Desktop 7Freebsd Freebsd 10.4Canonical Ubuntu Linux 17.04Opensuse Leap 42.2Debian Debian Linux 9.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Freebsd Freebsd 11.1Freebsd Freebsd 10Freebsd FreebsdOpensuse Leap 42.3W1.fi Hostapd 2.4W1.fi Hostapd 2.3W1.fi Hostapd 0.6.9W1.fi Hostapd 0.6.8W1.fi Hostapd 0.4.10W1.fi Hostapd 0.4.9W1.fi Hostapd 0.2.8W1.fi Hostapd 0.2.6
2.9
CVSSv2
CVE-2017-13079
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 9.0Debian Debian Linux 8.0Canonical Ubuntu Linux 14.04Redhat Enterprise Linux Server 7Freebsd Freebsd 10Freebsd Freebsd 10.4Opensuse Leap 42.2Canonical Ubuntu Linux 17.04Canonical Ubuntu Linux 16.04Freebsd Freebsd 11Freebsd Freebsd 11.1Redhat Enterprise Linux Desktop 7Freebsd FreebsdOpensuse Leap 42.3W1.fi Hostapd 2.4W1.fi Hostapd 2.3W1.fi Hostapd 0.6.10W1.fi Hostapd 0.6.9W1.fi Hostapd 0.4.11W1.fi Hostapd 0.4.10W1.fi Hostapd 0.4.9W1.fi Hostapd 0.2.8
5.4
CVSSv2
CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Freebsd Freebsd 11Freebsd Freebsd 11.1Redhat Enterprise Linux Desktop 7Freebsd FreebsdCanonical Ubuntu Linux 17.04Canonical Ubuntu Linux 16.04Freebsd Freebsd 10Freebsd Freebsd 10.4Opensuse Leap 42.3Opensuse Leap 42.2Debian Debian Linux 9.0Debian Debian Linux 8.0Canonical Ubuntu Linux 14.04Redhat Enterprise Linux Server 7W1.fi Hostapd 2.3W1.fi Hostapd 2.2W1.fi Hostapd 0.6.9W1.fi Hostapd 0.6.8W1.fi Hostapd 0.4.10W1.fi Hostapd 0.4.9W1.fi Hostapd 0.4.8W1.fi Hostapd 0.2.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook