89 matches found
ATEN LCD KVM over IP Switch CL5708IM 安全漏洞
ATEN LCD KVM over IP Switch CL5708IM is an 8-port IP KVM switch with LCD screen from China's ATEN Automation ATEN that supports remote BIOS-level device management. A security vulnerability exists in the ATEN LCD KVM over IP Switch CL5708IM, which originates from a heap buffer overflow and could...
CVE-2024-12655
A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. It is possible to launch the...
CVE-2024-12656
A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The...
CVE-2024-12656 FabulaTech USB over Network IOCT ftusbbus2.sys 0x220448 null pointer dereference
A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The...
CVE-2024-12654
A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. T...
PT-2024-17695 · Fabulatech · Fabulatech Usb Over Network
Name of the Vulnerable Software and Affected Versions: FabulaTech USB over Network version 6.0.6.1 Description: A problematic issue has been found in the function 0x220420 of the ftusbbus2.sys library in the IOCT Handler component. This issue leads to a null pointer dereference. The attack can be...
FabulaTech USB over Network 安全漏洞
FabulaTech USB over Network is a software solution from FabulaTech that allows you to access remote USB devices over a TCP/IP network or the Internet. A security vulnerability exists in FabulaTech USB over Network version 6.0.6.1 that originates from a null pointer dereference...
FabulaTech USB over Network 安全漏洞
FabulaTech USB over Network is a software solution from FabulaTech that allows you to access remote USB devices over a TCP/IP network or the Internet. A security vulnerability exists in FabulaTech USB over Network version 6.0.6.1, which stems from a function 0x220420 in the ftusbbus2.sys library ...
FabulaTech USB over Network 安全漏洞
FabulaTech USB over Network is a software solution from FabulaTech that allows you to access remote USB devices over a TCP/IP network or the Internet. A security vulnerability exists in FabulaTech USB over Network version 6.0.6.1, which stems from a function 0x220448 in the ftusbbus2.sys library ...
CVE-2024-42442
APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...
kernel: nvme-tcp: fix UAF when detecting digest errors
A use-after-free vulnerability was found in the Linux kernel in drivers/nvme/host/tcp.c in nvmetcpiowork. This issue can occur when a local user continues to read data after the connection finishes. This flaw allows a malicious user to cause a use-after-free problem...
kernel: NULL pointer dereference in nvmet_tcp_execute_request
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...
AZL-67581 CVE-2024-27435 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, adminq reconnect failed forever while remote target and network is ok. After dig into it, we found ...
CVE-2024-32740
The CVE affects Siemens SIMATIC CN 4100 (all versions prior to V3.0). The vulnerability is caused by undocumented users/credentials that could be misused by an attacker to compromise the device locally or over the network. Reported risk is high: CVSSv3.1 base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:...
kernel: NULL pointer dereference in nvmet_tcp_build_iovec
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
kernel: NULL pointer dereference in nvmet_tcp_execute_request
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...
kernel: nvme-tcp: don't access released socket during error recovery
A race condition leading to NULL pointer dereference was found in the Linux kernel NVMe-over-TCP driver's error recovery handling. A local user with privileges to execute NVMe management commands can run the 'nvme list' command while NVMe-over-TCP error recovery work is temporarily failing...
Digi RealPort 安全漏洞
Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol. A security vulnerability exists in the Digi RealPort Protocol that stems from vulnerability...
CVE-2022-22309
The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095...
CVE-2021-42066
SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely...