Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
advertisement vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 prior to 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 7.0
Openbsd Openbsd 6.9
5
CVSSv2
CVE-2015-0272
GNOME NetworkManager allows remote malicious users to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
Gnome Networkmanager
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Real Time Extension 11
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Workstation Extension 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Oracle Linux 7
10
CVSSv2
CVE-2014-3954
Stack-based buffer overflow in rtsold in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a router advertisement message.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
5
CVSSv2
CVE-2006-5425
XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote malicious users to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field.
Xorp Extensible Open Router Platform 1.2
Xorp Extensible Open Router Platform 1.3
5
CVSSv2
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
4.7
CVSSv2
CVE-2013-2897
Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel up to and including 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate malicious users to cause a denial of service (heap memory corr...
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
4.7
CVSSv2
CVE-2013-2899
drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel up to and including 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and OOPS) via a crafte...
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
5
CVSSv2
CVE-2013-4350
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel up to and including 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote malicious users to obtain sensitive information by sniffin...
Linux Linux Kernel 3.9.0
Linux Linux Kernel 3.2.21
Linux Linux Kernel 3.4.30
Linux Linux Kernel 3.4.4
Linux Linux Kernel 3.0.25
Linux Linux Kernel 3.1.2
Linux Linux Kernel 3.10.8
Linux Linux Kernel 3.4.11
Linux Linux Kernel 3.0
Linux Linux Kernel 3.2.19
Linux Linux Kernel 3.0.22
Linux Linux Kernel 3.2.23
Linux Linux Kernel 3.4.26
Linux Linux Kernel 3.4.13
Linux Linux Kernel 3.6.7
Linux Linux Kernel 3.8.10
Linux Linux Kernel 3.0.5
Linux Linux Kernel 3.5.2
Linux Linux Kernel 3.2.18
Linux Linux Kernel 3.0.68
Linux Linux Kernel 3.3
Linux Linux Kernel 3.0.38
3.5
CVSSv2
CVE-2021-43032
In XenForo up to and including 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side.
Xenforo Xenforo
1 Github repository
NA
CVE-2023-23759
There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impac...
Facebook Fizz
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »