175 matches found
CVE-2025-50681
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service application crash via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the recvigmp function in src/igmpproxy.c, an invalid group record type can...
CVE-2025-50681
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service application crash via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the recvigmp function in src/igmpproxy.c, an invalid group record type can...
UBUNTU-CVE-2025-50681
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service application crash via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the recvigmp function in src/igmpproxy.c, an invalid group record type can...
CVE-2025-50681
Summary: CVE-2025-50681 affects igmpproxy 0.4 before commit 2b30c36, allowing remote attackers to cause a denial of service (application crash) by sending crafted IGMPv3 membership reports with a malicious source address. The root cause is insufficient validation in recv_igmp() in src/igmpproxy.c...
PT-2025-52453
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service application crash via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the recv igmp function in src/igmpproxy.c, an invalid group record type can...
CVE-2025-50681
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service application crash via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the recvigmp function in src/igmpproxy.c, an invalid group record type can...
Talking to the Airgap: Exploiting Radio-Less Embedded Devices As Radio Receivers
Intelligent electronics are deeply embedded in critical infrastructures and must remain reliable, particularly against deliberate attacks. To minimize risks and impede remote compromise, sensitive systems can be physically isolated from external networks, forming an airgap. Yet, airgaps can still...
WhatWeb Scanner 0.6.3
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...
iND多款产品 安全漏洞
The iND HL330-DLS and others are an embedded hardware terminal from iND Japan. A security vulnerability exists in several iND products. The vulnerability stems from the insecure storage of sensitive information, which may lead to the disclosure of configuration information. The following products...
WhatWeb Scanner 0.6.2
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...
Exploit for Incorrect Default Permissions in Microsoft
This List is no longer updated. Awesome Red Teaming List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point. Anyway, this is a living resources and will update regularly with latest Adversarial Tactics and...
Adaptive Pruning of Deep Neural Networks for Resource-Aware Embedded Intrusion Detection on the Edge
Artificial neural network pruning is a method in which artificial neural network sizes can be reduced while attempting to preserve the predicting capabilities of the network. This is done to make the model smaller or faster during inference time. In this work we analyze the ability of a selection...
The vulnerability of microprogramming software in embedded network control devices of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.
The vulnerability of microprogramming software in embedded network control devices of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow a malicious actor to carry out XSS attac...
[SECURITY] Fedora 39 Update: rust-brotli-7.0.0-2.fc39
A brotli compressor and decompressor that with an interface avoiding the rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and...
[SECURITY] Fedora 41 Update: rust-brotli-7.0.0-2.fc41
A brotli compressor and decompressor that with an interface avoiding the rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and...
[SECURITY] Fedora 41 Update: rust-brotli-decompressor-4.0.1-1.fc41
A brotli decompressor that with an interface avoiding the rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and stream interface...
Helpful tools to get started in IoT Assessments
The Internet of Things IoT can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start. Having performed dozens of IoT assessments, I felt it would be beneficial to compile a basic list of items that are...
OpenWrt 安全漏洞
OpenWrt is a Linux operating system for embedded devices. A security vulnerability exists in OpenWrt that stems from a vulnerability that allows an attacker to hijack a TCP session, potentially leading to a denial of service attack...
MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices
The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of...
Unspecified Vulnerability in Oracle Java SE (CNVD-2024-24970)
Oracle Java SE is a product of Oracle Corporation.Oracle Java SE is a Java application for the development and deployment of desktop, server, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE for Oracle Java SE, Oracle GraalVM for JDK, and Oracle...