Lucene search
+L

180 matches found

Prion
Prion
added 2019/05/22 9:29 p.m.13 views

Design/Logic Flaw

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an...

4.3CVSS5.9AI score0.01144EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/05/22 8:29 p.m.23 views

CVE-2019-6819

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

7.5CVSS7.5AI score0.01129EPSS
Exploits0References2
Prion
Prion
added 2019/05/22 8:29 p.m.20 views

Design/Logic Flaw

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

5CVSS7.4AI score0.01129EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2019/05/22 8:8 p.m.46 views

CVE-2018-7803

The CVE-2018-7803 entry concerns Schneider Electric’s Triconex TriStation Emulator V1.2.0. It describes a CWE-754 issue: an improper check for unusual or exceptional conditions that could cause the emulator to crash when processing a specially crafted packet. The vulnerability is limited to offli...

5.9CVSS5.8AI score0.01144EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/22 8:8 p.m.16 views

CVE-2018-7803

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an...

5.9AI score0.01144EPSS
Exploits0References1
CVE
CVE
added 2019/05/22 7:45 p.m.89 views

CVE-2019-6819

Schneider Electric Modicon M340 (pre-3.01), M580 (pre-2.80), and all Modicon Quantum and Premium firmware are affected by CVE-2019-6819 (CWE-754). A remote attacker can cause a denial-of-service by sending specially crafted Modbus frames. The Red Hat, Tenable OT, and CISA/ICS advisories corrobora...

7.5CVSS7.4AI score0.01129EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/05/22 7:45 p.m.22 views

CVE-2019-6819

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

7.5AI score0.01129EPSS
Exploits0References2
Vaadin
Vaadin
added 2018/11/29 12:0 a.m.40 views

Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11

Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 Vaadin 10.0.0 through 10.0.7, and Vaadin 11.0.0 through 11.0.2 allows attacker to update element property values via crafted synchronization message. See CWE-754: Improper Check for Unusual or Exceptional...

4.3CVSS1.2AI score0.00574EPSS
Exploits0References1Affected Software2
ICS
ICS
added 2018/08/28 12:0 a.m.199 views

Schneider Electric Modicon M221

1. EXECUTIVE SUMMARY CVSS v3 4.8 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Modicon M221 Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to remotely...

7.8CVSS7.7AI score0.02797EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2018/07/30 7:10 p.m.3 views

jenkins: CLI leaked existence of views and agents with attacker-specified names to users without Overall/Read permission (SECURITY-754)

An exposure of sensitive information vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in CLICommand.java and ViewOptionHandler.java that allows unauthorized attackers to confirm the existence of agents or views with an attacker-specified name by sending a CLI command to...

5.3CVSS6AI score0.01403EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/10/26 12:0 a.m.49 views

Amazon Linux: Security Advisory (ALAS-2016-754)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.11402EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2016/10/13 12:0 a.m.60 views

Amazon Linux AMI : php70 (ALAS-2016-754)

ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted field metadata...

9.8CVSS8.4AI score0.11402EPSS
Exploits6References7
Packet Storm
Packet Storm
added 2015/07/27 12:0 a.m.88 views

OpenSSL Alternative Chains Certificate Forgery MITM Proxy

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'openssl' class Metasploit3 'OpenSSL Alternative Chains Certificate Forgery MITM Proxy', 'Description' = %q This module exploits a logic error ...

6.4CVSS0.2AI score0.61798EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2015/04/10 12:0 a.m.58 views

HP-UX PHNE_44236 : s700_800 11.23 NTP timeservices upgrade plus utilities

s700800 11.23 NTP timeservices upgrade plus utilities : Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service DoS, or other vulnerabilities. References: CVE-2014-9293 - Insufficient Entropy in...

7.5CVSS7AI score0.78717EPSS
Exploits4References7
Fedora
Fedora
added 2015/01/07 11:53 p.m.20 views

[SECURITY] Fedora 20 Update: mpfr-3.1.2-5.fc20

The MPFR library is a C library for multiple-precision floating-point computations with "correct rounding". The MPFR is efficient and also has a well-defined semantics. It copies the good ideas from the ANSI/IEEE-754 standard for double-precision floating-point arithmetic 53-bit mantissa. MPFR is...

9.8CVSS2.3AI score0.0429EPSS
Exploits0
NVD
NVD
added 2010/11/17 1:0 a.m.16 views

CVE-2010-4274

resetdiragentkeys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership...

4.4CVSS6.3AI score0.00302EPSS
Exploits0References6
Prion
Prion
added 2010/11/17 1:0 a.m.15 views

Code injection

resetdiragentkeys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership...

4.4CVSS6.7AI score0.00302EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2009/04/15 12:0 a.m.29 views

Ubuntu USN-754-1 (clamav)

The remote host is missing an update to clamav announced via advisory USN-754-1. OpenVAS Vulnerability Test $Id: ubuntu7541.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7541.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-754-1 clamav Authors: Thomas Rein...

7.8CVSS0.1AI score0.05067EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.25 views

Debian Security Advisory DSA 754-1 (centericq)

The remote host is missing an update to centericq announced via advisory DSA 754-1. Eric Romang discovered that centericq, a text-mode multi-protocol instant messenger client, creates some temporary files with predictable filenames and is hence vulnerable to symlink attacks by local attackers. Th...

2.1CVSS9.4AI score0.00362EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.25 views

Debian DSA-754-1 : centericq - insecure temporary file

Eric Romang discovered that centericq, a text-mode multi-protocol instant messenger client, creates some temporary files with predictable filenames and is hence vulnerable to symlink attacks by local attackers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

2.1CVSS5.4AI score0.00362EPSS
Exploits0References2
Rows per page
Query Builder