MELSEC-F FX3U-ENET代码问题漏洞

MELSEC-F FX3U-ENET is an Ethernet interface block from mitsubishielectric. A code issue vulnerability exists in the MELSEC-F FX3U-ENET. The vulnerability arises from an improper design or implementation during code development for a network system or product...

The vulnerability of the HMS Industrial Networks AB eCatcher network software, caused by buffer overflow in the stack, allows a hacker to execute arbitrary code.

The vulnerability of the network software solution HMS Industrial Networks AB’s eCatcher is caused by a buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Siemens network software vulnerabilities, related to buffer overflows in dynamic memory, allow attackers to execute arbitrary code or cause system failures.

The vulnerability of Siemens network software is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service interruptions...

Siemens network software vulnerabilities, related to an uncontrolled search element, allow attackers to execute arbitrary code or cause service failures.

Siemens’ network software vulnerabilities are related to an uncontrolled element in the search process. Exploiting these vulnerabilities can allow attackers to execute arbitrary code or cause service failures...

The vulnerability of the Application Layer DNS Gateway Function (ALG) of Cisco IOS XE, which allows a hacker to trigger a device reboot or cause a service failure.

The vulnerability of the Application Layer DNS Gateway Function ALG of Cisco IOS XE lies in insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause service failure through a specially crafted DNS packet...

CVE-2021-1434

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this...

SINEC NMS 路径遍历漏洞

Siemens SINE CNMS is the new generation of network management system Enterprise for digital libraries. This system can be used to centrally monitor, manage and configure networks.Siemens SINEMA Server is Siemens' network monitoring and management software for industrial Ethernet. A directory...

Tufin Securechange Cross-Site Scripting Vulnerability

Tufin Securechange is a network management software for enterprise environments from Tufin USA. A cross-site scripting vulnerability exists in Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1, which stems from a lack of proper validation of client-side data by the WEB application. An attacker...

Cisco IOS XE Information Disclosure and Denial of Service Vulnerability (CNVD-2020-57582)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An information disclosure and denial of service vulnerability exists in the Web management framework of Cisco IOS XE. An attacker could exploit this vulnerability to gain...

Cisco IOS XE Privilege Permission and Access Control Issues Vulnerability (CNVD-2020-31965)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A privilege-granting and access-control issue vulnerability exists in Virtual Services Container in Cisco IOS XE Software, which arises from the program's failure to adequately...

Cisco IOS XE Software Command Injection Vulnerability

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in the Web UI in Cisco IOS XE Software, which stems from a lack of validation of user input. An attacker can exploit this vulnerability by...

Cisco IOS XE Command Injection Vulnerability (CNVD-2020-31974)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in the Web UI in Cisco IOS XE, which stems from the program failing to perform sufficient input validation for HTTP requests. A remote...

The vulnerability of the Istio network software lies in its ability to enter an infinite loop when certain input data is provided. This allows a malicious actor to cause a service failure.

The vulnerability of the Istio network software is related to entering an infinite loop when certain input data is provided. Exploiting this vulnerability can allow a attacker to cause service failures...

Cisco IOS XR Resource Management Error Vulnerability (CNVD-2020-14349)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. A security vulnerability exists in Cisco IOS XR. The vulnerability stems from mismanagement of system resources e.g., memory, disk space, files, etc. by the network system or produc...

This Week in Security News: Trend Micro Launches its XDR Center in India and EU Reports 5G Cybersecurity Risks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s new XDR Center in India that will help solve data sovereignty issues. Also, read about 5G network software use bei...

CVE-2019-12667

A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some...

CVE-2019-1946

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementatio...

CVE-2019-1919 Cisco FindIT Network Management Software Static Credentials Vulnerability

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

CVE-2019-1783

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

Cisco IOS XE Software Digital Signature Authentication Bypass Vulnerability

Cisco IOS XE Software is an operating system developed by Cisco for its network devices. A digital signature verification bypass vulnerability exists in the Image Verification feature of Cisco IOS XE Software, which arises from a failure of the affected software to properly verify the electronic...