21 matches found
CVE-2026-12659
The CVE-2026-12659 issue affects Rockwell Automation’s Flex 5000® Adapter. It is a denial-of-service vulnerability caused by improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. The impact is a loss of availability in the affected module and I/O, wi...
CVE-2026-9140
CVE-2026-9140 describes a denial-of-service in 1719-AENTR devices caused by improper handling of a UDP unicast network storm, leading to device overload and loss of communication. Recovery requires a power cycle. The CVSS 4.0 score is 8.7 (HIGH); attack vector is NETWORK with no privileges or use...
EUVD-2026-34144
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...
CVE-2026-36605
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...
CVE-2025-40944
A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...
PT-2025-41919
Name of the Vulnerable Software and Affected Versions Web Server affected versions not specified Description A denial-of-service issue exists due to a high volume of requests sent to the web server. This can lead to a system crash, requiring a power cycle for recovery and webpage utilization. The...
EUVD-2019-16365
Malware in sbrugna...
EUVD-2025-24828
Malicious code in bioql PyPI...
EUVD-2025-24830
Malicious code in bioql PyPI...
CVE-2025-9041
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9042
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9041 Rockwell Automation FLEX 5000 I/O - Module Fault
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9041 Rockwell Automation FLEX 5000 I/O - Module Fault
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2021-34144
The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMPSCOLinkRequest packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections disabling the AB5301A inqui...
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
CVE-2025-24510
A vulnerability has been identified in MS/TP Point Pickup Module All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service...
CVE-2025-24510
The CVE-2025-24510 affects Siemens MS/TP Point Pickup Module (all versions). Affected devices improperly handle certain BACnet MSTP messages, enabling an attacker on the same BACnet network to craft an MSTP message that triggers a denial-of-service, requiring a power cycle to recover. Total impac...
CVE-2025-24341
A vulnerability in the web application of ctrlX OS allows a remote authenticated low-privileged attacker to induce a Denial-of-Service DoS condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device...
CVE-2020-7524
Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller V5.0.0.7 and prior which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4...
siemens.ipphone.txt
From: Michal Zalewski Subject: Another thingy. To: [email protected] -- Standard disclaimer applies. I am speaking as a private person, -- and doing it in completely informal way, which shouldn't be interpreted -- in any other way but as my personal opinions and beliefs, which don't have ...