Lucene search
K

738 matches found

Prion
Prion
added 2020/10/19 9:15 p.m.17 views

Denial of service

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.8CVSS7.3AI score0.03515EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/10/14 1:15 p.m.16 views

Denial of service

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...

7.8CVSS7.2AI score0.03515EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/10/14 1:15 p.m.25 views

Denial of service

An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...

5CVSS7.3AI score0.03454EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2020/10/13 12:0 a.m.101 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.5CVSS7.4AI score0.03454EPSS
Exploits1
Talos
Talos
added 2020/10/13 12:0 a.m.49 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.8CVSS7.3AI score0.03515EPSS
Exploits2
Talos
Talos
added 2020/10/13 12:0 a.m.46 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.8CVSS7.3AI score0.03515EPSS
Exploits2
Talos
Talos
added 2020/06/09 12:0 a.m.30 views

Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can cause be used to delete critical system data resulting in a denial of service. An attacker...

9.1CVSS9.1AI score0.0199EPSS
Exploits0
NVD
NVD
added 2020/05/07 1:15 p.m.24 views

CVE-2020-6081

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

9.9CVSS9.4AI score0.01757EPSS
Exploits1References1
Prion
Prion
added 2020/05/07 1:15 p.m.19 views

Design/Logic Flaw

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

6.5CVSS9AI score0.01757EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/07 12:22 p.m.25 views

CVE-2020-6081

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

9.9CVSS9AI score0.01757EPSS
Exploits1References1
Talos
Talos
added 2020/05/06 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability. Tested...

9.9CVSS9.3AI score0.01757EPSS
Exploits1
Talos
Talos
added 2020/05/06 12:0 a.m.42 views

Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the DHCP monitor’s hostname parsing functionality of Synology SRM 1.2.3 MR2200ac 8017 and 1.2.3 RT2600ac 8017. A specially crafted network request can cause an out-of-bounds read resulting in a denial of service. An attacker can sen...

8.6CVSS8.2AI score0.02445EPSS
Exploits1
Prion
Prion
added 2019/11/14 5:15 p.m.20 views

Input validation

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...

9.3CVSS7.8AI score0.01066EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:25 p.m.25 views

CVE-2019-15389

The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service named...

8AI score0.01066EPSS
Exploits0References1
CVE
CVE
added 2019/07/18 5:48 p.m.72 views

CVE-2019-1010251

Open Information Security Foundation Suricata before version 4.1.2 is affected by a Denial of Service via a DNS detection bypass. The vulnerability affects the app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c modules, allowing an attacker to evade signature detection by sendi...

7.5CVSS7.3AI score0.02125EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/06/18 1:15 p.m.5 views

CVE-2018-20013

In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...

7.5CVSS5.8AI score0.01376EPSS
Exploits0References2
NVD
NVD
added 2019/06/18 1:15 p.m.18 views

CVE-2018-20013

In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadataid!=0 assertion, leading to shutting down the client application...

7.5CVSS7.5AI score0.01376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/21 12:0 a.m.27 views

Siemens S7-1200 Series PLC CPU Web Server Network Request Saturation Remote DoS

Binary data 144.prm...

7.3AI score
Exploits0References1
Prion
Prion
added 2019/02/20 8:29 p.m.26 views

Design/Logic Flaw

MikroTik RouterOS before 6.43.12 stable and 6.42.12 long-term is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for...

5CVSS7.7AI score0.15697EPSS
Exploits4References3Affected Software1
Prion
Prion
added 2018/12/31 10:29 p.m.17 views

Design/Logic Flaw

react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, allowing an attacker who can make a network request to the server either via CSRF or by direct reque...

10CVSS9.6AI score0.02845EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder