10 matches found
CVE-2025-40943
Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitiz...
CVE-2025-40943
Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitiz...
CVE-2025-40943
Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitiz...
CVE-2025-40943
Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code through social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitiz...
Siemens SIMATIC
SUMMARY SIMATIC S7-1500 devices contain a vulnerability that could allow an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in the web interface. Siemens has released new versions for several affected products and recommends to update to the...
Siemens多款产品 跨站脚本漏洞
SIMATIC S7-1500 is an industrial controller from Siemens. A stored cross-site scripting vulnerability exists in the Siemens SIMATIC S7-1500, which can be exploited by an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in a web interface...
GTKWave 资源管理错误漏洞
GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave suffers from a memory misreference vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...
The vulnerability of the ISAKMP discriver in the Wireshark traffic analyzer program, related to the swapping of the zero pointer, allows a hacker to trigger a service failure.
The vulnerability of the ISAKMP discriver in the Wireshark traffic analyzer program is related to the assignment of a zero pointer. Exploiting this vulnerability allows a malicious actor to cause a service failure using a specially crafted trace file...
wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51)
The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...
DEBIAN-CVE-2009-3550
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party...