29 matches found
CVE-2024-39675
A vulnerability has been identified in RUGGEDCOM RMC30 All versions V4.3.10, RUGGEDCOM RMC30NC All versions V4.3.10, RUGGEDCOM RP110 All versions V4.3.10, RUGGEDCOM RP110NC All versions V4.3.10, RUGGEDCOM RS400 All versions V4.3.10, RUGGEDCOM RS400NC All versions V4.3.10, RUGGEDCOM RS401 All...
Unauthenticated Information Disclosure
signalk-server is vulnerable to unauthenticated information disclosure. The vulnerability is due to missing authentication checks on sensitive endpoints, which allows an attacker to retrieve internal system details such as the full SignalK data schema, connected serial devices, and installed...
CVE-2025-68273
Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and install...
CVE-2025-67269
A flaw was found in gpsd. A remote attacker can exploit this vulnerability by sending a specially crafted NAVCOM packet. When parsing the packet, an error in calculating the payload length can cause the system to attempt to process an extremely large amount of data. This leads to excessive CPU...
EUVD-2025-206138
Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints...
CVE-2025-68273
Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and install...
CVE-2025-68273 Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints
Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and install...
CVE-2025-68273 Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints
Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and install...
CVE-2025-68273 Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints
Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and install...
CVE-2025-68273
Summary: CVE-2025-68273 affects Signal K Server prior to version 2.19.0, exposing unauthenticated information via exposed endpoints and enabling information disclosure of the vessel data schema, connected serial devices, and analyzer tools. The root cause is missing authentication protection for ...
PT-2026-1022
Name of the Vulnerable Software and Affected Versions Signal K Server versions prior to 2.19.0 Description Signal K Server, a server application used on boats, has an information disclosure issue. An unauthenticated user can access sensitive system information. This includes the complete SignalK...
EUVD-2024-38180
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an incorrect boundary check for new port values when handling USB serial devices, resulting in a null pointer...
The vulnerability of the industrial server for serial devices of Korenix JetPort, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.
The vulnerability of the industrial server for serial devices of Korenix JetPort is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of the industrial server for serial devices of Korenix JetPort lies in the absence of encrypted confidential data, which allows attackers to circumvent existing security restrictions.
The vulnerability of the industrial server for serial devices of Korenix JetPort lies in the absence of encrypted confidential data. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...
CLSA-2024-1723494706 Fix of 19 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-42068 - bpf: Take return from setmemoryro into account with bpfproglockro CVE-url: https://ubuntu.com/security/CVE-2024-42079 - gfs2: Fix NULL pointer dereference in gfs2logflush CVE-url: https://ubuntu.com/security/CVE-2024-42226 - usb: xhci: prevent...
CVE-2024-39675
A vulnerability has been identified in RUGGEDCOM RMC30 All versions V4.3.10, RUGGEDCOM RMC30NC All versions V4.3.10, RUGGEDCOM RP110 All versions V4.3.10, RUGGEDCOM RP110NC All versions V4.3.10, RUGGEDCOM RS400 All versions V4.3.10, RUGGEDCOM RS400NC All versions V4.3.10, RUGGEDCOM RS401 All...
PT-2024-5179 · Siemens · Ruggedcom Rs920L +10
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RMC30 versions prior to V4.3.10 RUGGEDCOM RMC30NC versions prior to V4.3.10 RUGGEDCOM RP110 versions prior to V4.3.10 RUGGEDCOM RP110NC versions prior to V4.3.10 RUGGEDCOM RS400 versions prior to V4.3.10 RUGGEDCOM RS400NC versions...
Digi RealPort 安全漏洞
Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol. A security vulnerability exists in the Digi RealPort Protocol that stems from vulnerability...
MOXA NPort IAW5000A-I/O Series Hard-Coded Credential Vulnerability
MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, China. The server enables the integration of field serial devices with wireless Ethernet networks and incorporates digital IOs for industrial data acquisition applications. A hard-coded...