97 matches found
CVE-2021-20143
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20139
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...
CVE-2021-20142
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
Command injection
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...
Command injection
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
Command injection
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
Command injection
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2020-9999
creationtimestamp| type| source ---|---|--- 2020-12-08 22:31:30+00:00| seen| https://t.me/cibsecurity/17278...
CVE-2020-9999
CVE-2020-9999 is an Apple-specific memory corruption issue affecting multiple Apple platforms. Public documentation indicates that it can be triggered by processing a maliciously crafted text file, potentially leading to arbitrary code execution. The vulnerability is addressed in macOS Big Sur 11...
KLA12017 Mulitple vulnerabilities in Apple iCloud
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in...
About the security content of tvOS 14.0
About the security content of tvOS 14.0 This document describes the security content of tvOS 14.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
About the security content of iTunes 12.10.9 for Windows
About the security content of iTunes 12.10.9 for Windows This document describes the security content of iTunes 12.10.9 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
KLA12007 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An out-of-bounds write vulnerability in ImageIO can be exploited...
CVE-2020-10920
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...
CVE-2020-10920
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...
CVE-2020-10920
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...
C-MORE HMI EA9 Control Port Missing Authentication for Critical Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-More HMI EA9 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port 9999 by default. The...