| CVE-2007-5846 | 7.8
CVSS:3.0/AV:N/AC:L/Au:N/C:N/I:N/A:C | The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. |
| CVE-2018-9849 | 5.3
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before 8.2R11, and 8.3.x before 8.3R5 do not properly process nested XML entities, which allows remote attackers to cause a denial of service (memory consumption and memory errors) via a crafted XML document. |
| |
6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
| A cross site scripting issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly. |
| CVE-2016-10142 |
5.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
| An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. (The scope of this CVE is all affected IPv6 implementations from all vendors.) The security implications of IP fragmentation have been discussed at length in [RFC6274] and [RFC7739]. An attacker can leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and can subsequently perform any type of fragmentation-based attack against legacy IPv6 nodes that do not implement [RFC6946 |
| CVE-2016-2125 |
6.4 CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
| Samba client code always requests a forwardable ticket
when using Kerberos authentication. This means the
target server, which must be in the current or trusted
domain/realm, is given a valid general purpose Kerberos
"Ticket Granting Ticket" (TGT), which can be used to
fully impersonate the authenticated user or service |
| CVE-2016-2126 |
5.0 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
|
A remote, authenticated, attacker can cause the winbindd process
to crash using a legitimate Kerberos ticket due to incorrect
handling of the arcfour-hmac-md5 PAC checksum.
A local service with access to the winbindd privileged pipe can
cause winbindd to cache elevated access permissions.
|
| | 8.3 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:H | A cross site scripting issue has been found in new_object.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R13, 8.2.x before 8.2R10, and 8.3.x before 8.3R4 due to one of the URL parameters not being sanitized properly. |
| | 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | Pulse Policy Secure 5.2RX before 5.2R9 and 5.3RX before 5.3R2 does not apply inbound SSL connection cipher suite changes to enforcer connections (port 11123) |
