537 matches found
CVE-2020-13556
An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...
CVE-2020-13530
A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...
CVE-2024-21785
A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2024-21827
A leftover debug code vulnerability exists in the cliserver debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger...
CVE-2024-36980
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...
Zoom Workplace 安全漏洞
Zoom Workplace App for Linux is a Linux application for enterprise communication and collaboration. A denial of service vulnerability exists in Zoom Workplace App for Linux, which stems from the application failing to properly handle specific network requests. An attacker could exploit the...
IBM Storage Defender 安全漏洞
IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender that originates from sending network requests over an insecure channel...
PT-2025-3907 · Unknown · Invoice Ninja
Name of the Vulnerable Software and Affected Versions: Invoice Ninja versions 5.8.56 through 5.11.23 Description: Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery SSRF, allowing for arbitrary file read and network resource requests as the application user. This issue enabl...
CVE-2024-52579 Server-Side Request Forgery vulnerability in various APIs in Misskey
Misskey is an open source, federated social media platform. Some APIs using HttpRequestService do not properly check the target host. This vulnerability allows an attacker to send POST or GET requests to the internal server, which may result in a SSRF attack.It allows an attacker to send POST or...
ROS-20241108-03
Vulnerability of multiqtune function of schmultiq component of Linux kernel is related to writing outside of dynamic memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code in kernel mode by executing specially specially...
Debian dla-3941 : libkpathsea-dev - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3941 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3941-1 [email protected]...
The vulnerability of the PFE (evo-pfemand) control demon in JunOS Evolved operating systems allows a intruder to trigger a service failure.
The vulnerability of the PFE evo-pfemand control demon for JunOS Evolved is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service failures by executing arbitrary commands through the command line interface, or by sending...
XML External Entity (XXE) Injection
de.gematik.refv.commons:commons is vulnerable to XML External Entity XXE Injection. The vulnerability is due to the insecure default configuration of the WstxInputFactory. An attacker can issue unauthorized network requests or access internal systems by supplying malicious XML content...
CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...
CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...
CVE-2024-36980
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...
CVE-2024-36980
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...
CVE-2023-49595
A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-50239
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...
CVE-2023-50240
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...