CVE-2020-7202

A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 iLO 5 and Integrated Lights-Out 4 iLO 4 firmware. The vulnerability could be remotely exploited to disclose the serial number and other information...

CVE-2020-7202

A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 iLO 5 and Integrated Lights-Out 4 iLO 4 firmware. The vulnerability could be remotely exploited to disclose the serial number and other information...

HPE Integrated Lights-Out and Integrated Lights-Out 5 Information Disclosure Vulnerabilities

HPE Integrated Lights-Out and HPE Integrated Lights-Out 5 iLO 5 are both products of Hewlett Packard Enterprise hpe, U.S.A. HPE Integrated Lights-Out is a remote control solution. HPE Integrated Lights-Out 5 is a remote control solution that enables remote monitoring and operation and maintenance...

Myndr: No Rate Limit On dashboard.myndr.net/auth

Summary: hello team, I tested a little bit the website and went to registration page where you will give 7 digits to complete your switch serial, i didn't want to go further with brute forcing because it's forbidden how ever i gave a try with a small range of tries and have no message for limitti...

The vulnerability of the uvc_scan_chain_forward function in Android operating system USB drivers allows a hacker to increase their privileges.

The vulnerability of the uvcscanchainforward function in the Android operating system’s USB driver is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to enhance their privileges...

Cryptologists Crack Zodiac Killer's 340 Cipher

A remote team of three hobbyist cryptologists have solved one of the Zodiac Killer’s cipher after a half century. And while the name of the elusive serial killer remains hidden, the breakthrough represents a triumph for cryptology and the basic building blocks of cybersecurity — access control an...

Information disclosure

A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser...

Vulnerability Spotlight: Two vulnerabilities in Lantronix XPort EDGE

Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.Executive summary Cisco Talos recently discovered two vulnerabilities in the Web Manager functionality of Lantronix XPort EDGE. The XPort EDGE is a next-generation wired Ethernet gateway for providing secure...

Lantronix XPort EDGE Web Manager CSRF vulnerability

Summary An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Test...

UBUNTU-CVE-2020-26421

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file...

Binary vulnerability in serial port monitor

serial port monitor is a specialized software application that allows reading and logging of serial data through a computer's serial port. A binary vulnerability exists in serial port monitor, which can be exploited by an attacker to cause a computer blue screen, among other things...

Wireshark 缓冲区错误漏洞

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. Wireshark has a denial of service...

Digital Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. It is a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often fabricated on the surface of semiconductor wafers. A numeric error vulnerability exists in several Qualcomm products, which...

Unauthorized Access Vulnerability in Lenovo Filez Enterprise Web Drive

Lenovo Filez Enterprise Web Disk is an enterprise file collaboration and management platform based on cloud storage. Lenovo Filez Enterprise Nethub has an unauthorized access vulnerability that can be exploited by an attacker to gain unauthorized access to the name of the enterprise, the address ...

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.

...

DEBIAN-CVE-2020-25723

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...

Stored XSS Vulnerability in Cognex Serial Server C2000-B2-SFE0101-BB1

The C2000-B2-SFE0101-BB1 Serial Server provides serial-to-network functionality, capable of converting an RS-232 serial port into a TCP/IP protocol network interface. A stored XSS vulnerability exists in the Connex Serial Server C2000-B2-SFE0101-BB1, which can be exploited by attackers to obtain...

Linux kernel null pointer dereference vulnerability (CNVD-2020-66298)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 5.8, which stems from vulnerability to a null pointer dereference attack in...

CVE-2020-15437

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250core.c:serial8250isainitports that allows local users to cause a denial of service by using the p-serialin pointer which uninitialized...

DEBIAN-CVE-2020-15437

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250core.c:serial8250isainitports that allows local users to cause a denial of service by using the p-serialin pointer which uninitialized...