Lucene search
+L

230 matches found

OSV
OSV
added 2023/08/03 12:15 p.m.4 views

CVE-2023-37548

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

6.5CVSS6.6AI score0.00519EPSS
Exploits0References1
OSV
OSV
added 2023/08/03 12:15 p.m.4 views

CVE-2023-37547

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

6.5CVSS5.8AI score0.00519EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.5 views

PT-2023-5006 · 3S Smart Software Solutions · Codesys

Name of the Vulnerable Software and Affected Versions: CODESYS affected versions not specified Description: The issue is related to insufficient input validation in the CmpAppForce component of CODESYS products. This can be exploited by a remote attacker to cause a denial-of-service condition...

6.8CVSS6.1AI score0.00519EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.4 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5CVSS6.8AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.7 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5CVSS6.8AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.4 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5CVSS6.8AI score0.00519EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.5 views

PT-2023-13310 · Qualcomm · Snapdragon +98

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to a memory corruption problem caused by a double free error in automotive systems. This occurs when an invalid HLOS address for one of the lists to be mapped i...

8.4CVSS7.1AI score0.00116EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.6 views

3s-smart Software Solutions CODESYS 输入验证错误漏洞

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in 3s-smart Software Solutions CODESYS. An authenticated, remote attacker could use this vulnerability to read an invalid address, which...

6.5CVSS7.7AI score0.00862EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/03 12:0 a.m.3 views

PT-2023-4167 · 3S Smart Software Solutions · Codesys

Name of the Vulnerable Software and Affected Versions: CODESYS products affected versions not specified Description: The issue is related to improper input validation in the CmpApp/CmpAppBP/CmpAppForce Components of CODESYS products. This can be exploited by an authenticated, remote attacker to...

6.8CVSS7.1AI score0.00862EPSS
Exploits0References7
OSV
OSV
added 2023/03/15 11:15 p.m.72 views

UBUNTU-CVE-2023-28099

OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...

7.5CVSS5.8AI score0.00905EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/15 12:0 a.m.9 views

PT-2023-21559 · Opensips · Opensis

Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.9 and 3.2.6 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. If the ds is in list function is used with an invalid IP address string, OpenSIPS will attempt to print a string from...

7.5CVSS7.5AI score0.00905EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.7 views

SUSE CVE-2009-0935

The inotifyread function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service OOPS via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper...

5.5CVSS6.1AI score0.0027EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.2 views

SUSE CVE-2012-6054

The dissectsflow245addresstype function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service infinite loop via a packet that ...

5CVSS5.5AI score0.02806EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.3 views

SUSE CVE-2013-0433

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information...

5CVSS8.8AI score0.04875EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.9 views

SUSE CVE-2018-5333

In the Linux kernel through 4.14.13, the rdscmsgatomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rdsatomicfreeop NULL pointer dereference...

2.9CVSS6.4AI score0.07679EPSS
Exploits5References14
SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.5 views

SUSE CVE-2019-7663

An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file...

3.3CVSS8.9AI score0.03372EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-26372

Insufficient bound checks related to PCIE in the System Management Unit SMU may result in access to an invalid address space that could result in denial of service...

5.5CVSS5.3AI score0.00212EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-26378

Insufficient bound checks in the System Management Unit SMU may result in access to an invalid address space that could result in denial of service...

5.5CVSS5.3AI score0.00212EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

AMD System Management Unit(SMU) 缓冲区错误漏洞

The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. A security vulnerability exists in the AMD System Management Unit SMU that stems from insufficient bind checking and could allow an attacker to update the sender/receiver address space to an invalid value...

7.5CVSS7.3AI score0.00616EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/17 11:35 p.m.8 views

CVE-2022-24939 Malformed Zigbee packet with invalid destination address causes Assert

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...

5.7CVSS6.6AI score0.00326EPSS
Exploits0References2
Rows per page
Query Builder