22 matches found
EUVD-2023-28816
Malicious code in bioql PyPI...
CVE-2023-24818
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of a fragment an...
CVE-2023-24823 RIOT-OS vulnerable to Packet Type Confusion during IPHC send
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a type confusion between IPv6 extension headers and a UDP header...
Out-of-bounds
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...
CVE-2023-24819 RIOT-OS vulnerable to Buffer Overflow during IPHC receive
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...
CVE-2023-24818 RIOT-OS vulnerable to null pointer dereference during fragment forwarding
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of a fragment an...
RIOT RIOT-OS 数字错误漏洞
RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A numeric error vulnerability exists in RIOT RIOT-OS versions prior to 2022.10, which can be exploited by an attacker to allow a device to send crafted frames that result in a large number of out-of-bounds writes...
PT-2023-19804 · Riot-Os · Riot-Os
Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device,...
JetBrains TeamCity 代码问题漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...
PT-2022-27989 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions 2022.10 through 2022.10.1 Description: The issue allows TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators when connecting to AWS using the "Default Credentia...
CVE-2022-44646
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings...
CVE-2022-44624
In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters...
PT-2022-27275 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2022.10 Description: The issue concerns the lack of audit items being added when editing a user's settings. This affects an estimated number of devices that are using the specified versions of JetBrains...
JetBrains TeamCity 安全漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis, and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity versions 2021.2...
CVE-2022-44622
In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive...
CVE-2022-44646
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings...
PT-2022-27267 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2022.10 Description: The issue allows a Project Viewer to see scrambled secure values in the MetaRunner settings. Recommendations: For versions prior to 2022.10, update to version 2022.10 or later to resol...
JetBrains TeamCity 安全漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...
JetBrains TeamCity 日志信息泄露漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis, and build issue analysis reports. A log information disclosure vulnerability exists in JetBrains TeamCit...
PT-2022-27268 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2022.10 Description: The issue concerns the exposure of password parameters in the build log when these parameters contain special characters. Recommendations: For versions prior to 2022.10, consider...