6175 matches found
Cisco IOS XE Arbitrary Code Execution Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. An arbitrary code execution vulnerability exists in the file system of Cisco IOS XE. The vulnerability stems from insufficient file location validation. An attacker could exploit this vulnerability by placing...
[SECURITY] Fedora 30 Update: blis-0.6.0-4.fc30
BLIS is a portable software framework for instantiating high-performance BLAS-like dense linear algebra libraries. The framework was designed to isolate essential kernels of computation that, when optimized, immediately enable optimized implementations of most of its commonly used and...
Schneider Electric BMXNOR0200H Ethernet/Serial RTU Module Access Control Error Vulnerability
The Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet Serial RTU Remote Terminal Unit module from Schneider Electric, France. An access control error vulnerability exists in the Schneider Electric BMXNOR0200H Ethernet/Serial RTU module. The vulnerability arises from the...
PT-2019-4413 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.11 Description: The issue is related to a memory leak in the ath10k_usb_hif_tx_sg function, which can be triggered by usb_submit_urb failures, leading to a denial of service due to memory consumption. This ca...
CVE-2019-6810
CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol...
Improper access control
CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause disconnection of active connections when an unusually high number of IEC 60870-5-104 packets are received by the module on por...
CVE-2019-6813
The CVE-2019-6813 vulnerability affects Schneider Electric BMXNOR0200H Ethernet/Serial RTU modules and Modicon M340 controllers (all firmware versions). It is a CWE-754 improper check for unusual or exceptional conditions that could cause a denial of service when truncated SNMP packets are receiv...
CVE-2019-6810
CVE-2019-6810 affects Schneider Electric BMXNOR0200H Ethernet/Serial RTU module (all firmware versions). The vulnerability is an improper access control that could allow unauthorized users to execute commands when using IEC 60870-5-104. Impact is described as potential remote command execution wi...
CVE-2019-6831
CVE-2019-6831 affects the BMXNOR0200H Ethernet/Serial RTU module (all firmware versions), causing disconnection of active connections when an unusually high number of IEC 60870-5-104 packets are received on port 2404/TCP. Affected CVSS: v3.1 base score 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). E...
CVE-2019-6831
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause disconnection of active connections when an unusually high number of IEC 60870-5-104 packets are received by the module on por...
PT-2019-18369 · Moxa · Bmxnor0200H Ethernet / Serial Rtu Module
Name of the Vulnerable Software and Affected Versions: BMXNOR0200H Ethernet / Serial RTU module all firmware versions Description: A vulnerability exists in the BMXNOR0200H Ethernet / Serial RTU module, which could cause disconnection of active connections when an unusually high number of IEC...
[SECURITY] Fedora 31 Update: blis-0.6.0-4.fc31
BLIS is a portable software framework for instantiating high-performance BLAS-like dense linear algebra libraries. The framework was designed to isolate essential kernels of computation that, when optimized, immediately enable optimized implementations of most of its commonly used and...
Folder Lock 7.7.9 - Denial of Service
Exploit Title: Folder Lock v7.7.9 Denial of Service Exploit Date: 12.09.2019 Vendor Homepage: https://www.newsoftwares.net/folderlock/ Software Link: https://www.newsoftwares.net/download/folderlock7-en/folder-lock-en.exe Exploit Author: Achilles Tested Version: 7.7.9 Tested on: Windows 7 x64 1.-...
kernel: Use-after-free in sound/usb/card.c:usb_audio_probe()
A flaw was found in the Linux kernel, through version 4.19.6, where a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled in usb_audio_probe in sound/usb/card.c. An attacker could corrupt memory and possibly...
kernel: brcmfmac frame validation bypass
If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be...
Folder Lock v7.7.9 Denial of Service Exploit
Exploit Title: Folder Lock v7.7.9 Denial of Service Exploit Date: 12.09.2019 Vendor Homepage: https://www.newsoftwares.net/folderlock/ Software Link: https://www.newsoftwares.net/download/folderlock7-en/folder-lock-en.exe Exploit Author: Achilles Tested Version: 7.7.9 Tested on: Windows 7 x64 1.-...
Google Android USB Driver Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handset Alliance (OHA). The USB driver is one of its Universal Serial Bus (USB) drivers. A privilege elevation vulnerability exists in the USB driver in Android. An attacker can exploit this vulnerability to elevate privileges...
Linux kernel memory misreference vulnerability (CNVD-2019-31651)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. Linux kernel versions prior to 5.0.5 have a memory misreference vulnerability when hci_uart_register_dev fails in hci_uart_set_proto in drivers/bluetooth/hci_ldisc.c. The...