17 matches found
CVE-2026-33010 mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled MCPHTTPENABLED=true, the application configures FastAPI's CORSMiddleware with alloworigins='', allowcredentials=True, allowmethods="", and allowheaders="". The...
CVE-2021-33010
An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition...
CVE-2024-33010
Transient DOS while parsing fragments of MBSSID IE from beacon frame...
CVE-2024-33010 Use After Free in WLAN Host
Transient DOS while parsing fragments of MBSSID IE from beacon frame...
CVE-2024-33010 Use After Free in WLAN Host
Transient DOS while parsing fragments of MBSSID IE from beacon frame...
CVE-2024-33010
CVE-2024-33010 is a Use-After-Free in the WLAN Host path that causes a transient Denial of Service when parsing MBSSID IE fragments in beacon frames on Qualcomm chipsets. Affected component is WLAN in Qualcomm WLAN/Host stack; root cause is a use-after-free condition. Impact is Denial of Service ...
CVE-2022-33010
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
Widespread Exploitation of Zyxel Network Devices
Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices. The vulnerability is present in the default configuration of vulnerable devices and is exploitable in the Wide Area Network...
Zyxel patches two critical vulnerabilities
Zyxell has released a security advisory for multiple buffer overflow vulnerabilities. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service DoS conditions and even a remote code execution on the affected Zyxell firewalls. Affected users should...
CVE-2023-33010
creationtimestamp| type| source ---|---|--- 2023-05-24 16:26:56+00:00| seen| https://t.me/cibsecurity/64679 2023-05-25 19:04:24+00:00| seen| Telegram/o33eMMvV5GbS5yvZwxR9Wy9Vxsb16o4MXlOt7k80dQpLQ 2023-05-25 19:12:23+00:00| seen| https://t.me/KomunitiSiber/262 2023-05-26 18:40:05+00:00| seen|...
CVE-2023-33010
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50W firmware versions 4.25 through 5.36 Patch 1, USG20W-VPN firmware versions 4.25 through 5.36 Patc...
CVE-2023-33010
CVE-2023-33010 is a high-severity (CVSS 3.1: 9.8) buffer overflow in the ID processing function of Zyxel firewalls (ATP, USG FLEX, USG, ZyWALL/VPN) that can be exploited without authentication to cause DoS and remote code execution. Affected firmware ranges include Zyxel ATP 4.32–5.36 Patch 1, US...
CVE-2021-33010 AVEVA System Platform Uncaught Exception
An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition...
CVE-2021-33010 AVEVA System Platform Uncaught Exception
An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition...
CVE-2021-33010
CVE-2021-33010 concerns AVEVA System Platform. Connected documents confirm an uncaught exception in a function on versions 2017–2020 R2 P01 that may lead to a denial-of-service condition. The Red Hat/RedHat-linked and ICS advisories corroborate this issue as a Denial of Service vulnerability aris...
CVE-2022-33010
CVE-2022-33010 is rejected/not used per the Initial Description and does not represent an active vulnerability entry.
CVE-2022-33010
...