CVE-2020-12292

Improper conditions check in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

CVE-2020-12292

CVE-2020-12292 affects Intel Thunderbolt controllers. The issue is an improper conditions check in certain Thunderbolt components, which could allow an authenticated local attacker to cause a denial of service. The Red Hat/NVD entries confirm the same description and indicate the attack is local ...

CVE-2020-12291

Uncontrolled resource consumption in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

CVE-2020-12296

Uncontrolled resource consumption in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

CVE-2020-12295

Improper input validation in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

CVE-2020-12293

Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...

SUSE: Security Advisory (SUSE-SU-2020:3718-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-15782

A vulnerability has been identified in SIMATIC Drive Controller family All versions V2.9.2, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions V21.9, SIMATIC S7-1200 CPU family incl...

Siemens SIMATIC S7-1500 CPU和SIMATIC S7-1500 缓冲区错误漏洞

The Siemens SIMATIC S7-1200 and S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. A security vulnerability exists in the Siemens SIMATIC S7-1200 and S7-1500 CPU family. ...

CVE-2021-22699

CVE-2021-22699 affects Schneider Electric Modicon M241/M251 PLCs. The issue is an improper input validation in firmware prior to v5.1.9.1, which could cause a denial of service when specific crafted HTTP requests are received. Red Hat and Tenable references corroborate this description. Impact is...

CVE-2021-22699

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...

Schneider Electric homeLYnk和spaceLYnk 加密问题漏洞

Schneider Electric homeLYnk and spaceLYnk are both automation programming software for different logic controllers from Schneider Electric, France. An unauthorized access vulnerability exists in Schneider Electric homeLYnk and spaceLYnk, which arises from the presence of a broken or dangerous...

The vulnerability of the data collection and aggregation application from Cisco DNA Spaces Connector’s controllers and access points relates to the implementation or modification of arguments, allowing attackers to execute arbitrary commands with root privileges.

The vulnerability of the data collection and aggregation application from Cisco DNA Spaces Connector lies in the implementation or modification of arguments. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with root privileges...

openSUSE Security Update : monitoring-plugins-smart (openSUSE-2021-706)

This update for monitoring-plugins-smart fixes the following issues : monitoring-plugins-smart was updated to 6.9.1 : This is a security-release boo1183057 + Fixes the regular expression for pseudo-devices under the /dev/bus/N path. from 6.9.0 + Allows using PCI device paths as device names 64 +...

EulerOS 2.0 SP5 : bind (EulerOS-SA-2021-1894)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's...

Security update for monitoring-plugins-smart (important)

openSUSE Security Update: Security update for monitoring-plugins-smart Announcement ID: openSUSE-SU-2021:0706-1 Rating: important References: 1183057 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 An update that contains security fixes can now be...

GHSA-26GR-CVQ3-QXGF Improper Authentication in Apache Shiro

Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...

Improper Authentication in Apache Shiro

Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...

GHSA-72W9-FCJ5-3FCG Improper Authentication in Apache Shiro

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...