404 matches found
CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the...
CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the...
Allen Bradley Micrologix 1400 Series B FRN Access Control Vulnerability (CNVD-2018-08277)
Allen Bradley Micrologix 1400 Series B FRN is a programmable logic controller from Rockwell Automation. An access control vulnerability exists in the data, program, and function file permissions function in the Allen Bradley Micrologix 1400 Series B FRN 21.2 and earlier. An attacker can exploit t...
Allen Bradley Micrologix 1400 Series B FRN Access Control Vulnerability (CNVD-2018-08280)
Allen Bradley Micrologix 1400 Series B FRN is a programmable logic controller from Rockwell Automation. An access control vulnerability exists in the data, program, and function file permissions functions in the Allen Bradley Micrologix 1400 Series B FRN version 21.2 and earlier. An attacker coul...
CVE-2017-14472
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2017-14473
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
Improper access control
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2017-14473
CVE-2017-14473 is an Unauthenticated Data/Program/Function File Improper Access Control vulnerability affecting Allen-Bradley MicroLogix 1400 Series B FRN 21.2 and earlier (tested up to FRN 21.2, 21.0 and 15). The TALOS advisory (TALOS-2017-0443) describes that an unauthenticated attacker can rea...
CVE-2017-14472
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2017-14473
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2017-14472
CVE-2017-14472 affects Allen Bradley Micrologix 1400 Series B FRN 21.2 and earlier. An unauthenticated attacker can exploit improper access control in the data, program, and function file permissions to read the master password and potentially modify ladder logic or settings via crafted network p...
CVE-2018-1000045
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library Weather data that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1...
CVE-2018-1000045
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library Weather data that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1...
CVE-2018-1000048
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file...
Design/Logic Flaw
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library Weather data that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1...
Design/Logic Flaw
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file...
CVE-2018-1000045
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library Weather data that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1...
UBUNTU-CVE-2018-6358
The printDefineFont2 function util/listfdb.c in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file...
OracleVM 3.4 : microcode_ctl (OVMSA-2018-0003)
The remote OracleVM system is missing necessary patches to address critical security updates : - Enable early microcode load to allow updating Broadwell model 79 - Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Run dracut upon microcode update - Update Intel CPU microde fo...
Oracle Linux 6 : microcode_ctl (ELSA-2018-0013)
The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2018-0013 advisory. 1:1.17-25.2 - Update Intel CPU microde for 06-3f-02, 06-4f-01, and 06-55-04 - Add amd microcodeamdfam17h.bin data file - Resolves: 1527357 1:1.17-25.1 - Update...