127 matches found
多款EMCO Software产品安全漏洞
EMCO Software EMCO MSI Package Builder for Windows is a product of EMCO Software Iceland. EMCO Software EMCO MSI Package Builder for Windows is a software tool for creating Windows Installer packages. EMCO Software EMCO MSI Package Builder for Windows is a software tool for creating Windows...
The vulnerability of Microsoft Teams’ corporate platform for Android, which stems from insufficient validation of input data, allows a hacker to trigger an emergency shutdown of the application.
The vulnerability of Microsoft Teams’ corporate platform for Android exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause the application to crash remotely...
CVE-2022-25250
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to sh...
Canon LBP223 Licensing Issue Vulnerability
Canon LBP223 is a printer from Canon Japan. The Canon LBP223 printer has an authorization issue vulnerability, which stems from the fact that the LBP223 printer system management mode login does not require an account password or PIN. attackers can use this vulnerability to enter the background a...
Denial of service
In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability...
CVE-2021-43471
Affected product: Canon LBP223 printers. Vulnerability: System Manager Mode login accepts no password or PIN, enabling an attacker to gain access and remotely shut down the device, causing a denial-of-service. Root cause: Lack of authentication for System Manager Mode login. Impact: Network-acces...
Canon LBP223 安全漏洞
Canon LBP223 is a printer from Canon Japan. The Canon LBP223 printer has an authorization issue vulnerability, which stems from the fact that the LBP223 printer system management mode login does not require an account password or PIN. attackers can use this vulnerability to enter the background a...
CVE-2021-32783
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...
PT-2021-19929 · Contour +1 · Contour +1
Name of the Vulnerable Software and Affected Versions: Contour versions prior to 1.17.1 Contour versions prior to 1.18.0 Description: A specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy containe...
Philips Interventional Workstations
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Philips Interventional WorkSpot, Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live, ViewForum Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this...
The vulnerability of the Junos operating system arises from an operation that goes beyond the buffer boundaries in memory, allowing a attacker to trigger an emergency shutdown of the kernel’s memory dump process.
The vulnerability of the Junos operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause a failure in the kernel’s memory dump process due to receiving an incorrect DHCPv6 packet...
The vulnerability of the software in Schneider Electric Easergy T300 (HU250) web-servers, a modular control system for automating transformer substations, allows a perpetrator to shut down the web-server service.
The vulnerability of the software for the web server of the micro-programming controller for transformer automation of Schneider Electric Easergy T300 HU250 exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to remotely shut down the...
DEBIAN-CVE-2020-12066
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server...
UBUNTU-CVE-2020-12066
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server...
CVE-2019-19833
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. Also, anonymous access can be achieved in applications that do not have a user login area...
PYSEC-2019-254
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. Also, anonymous access can be achieved in applications that do not have a user login area...
CVE-2019-19833
CVE-2019-19833 affects Tautulli (2.1.9 and earlier). A CSRF flaw in the /shutdown URI allows an attacker to remotely shut down the media server; some sources also note unauthenticated/shutdown via this endpoint in apps without login. The NVD/ATT&CK notes show impact as a shutdown/DoS risk with ne...
GHSA-JVPP-HXJJ-5CCC Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client...
CVE-2015-7559
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client...
CVE-2015-7559
It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client...