CVE-2019-10203

PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS...

UBUNTU-CVE-2019-10203

PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS...

Denial Of Service (DoS)

openjdk is vulnerable to denial of service. It was discovered that the implementation of the Throwable class in the Utilities component of OpenJDK did not sufficiently validate serial stream before deserializing suppressed exceptions. A specially-crafted input could cause a Java application to...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4076-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4076-1 advisory. It was discovered that a race condition existed in the Serial Attached SCSI SAS implementation in the Linux kernel. A local attacker could possibly use...

DEBIAN-CVE-2019-13631

In parsehidreportdescriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages...

NETGEAR WiFi Router JWNR2010v5 R6080 - Authentication Bypass

NETGEAR WiFi Router JWNR2010v5 R6080 - Authentication Bypass Exploit Title: NETGEAR WiFi Router R6080 - Security Questions Answers Disclosure Date: 13/07/2019 Exploit Author: Wadeek Hardware Version: R6080-100PES Firmware Version: 1.0.0.34 / 1.0.0.40 Vendor Homepage:...

CVE-2019-10966

In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...

CVE-2019-10966

In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...

CVE-2019-3950

Arlo Basestation firmware 1.12.0.127940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to...

CVE-2019-3950

Arlo Basestation firmware 1.12.0.127940 and prior contain a hardcoded username and password combination that allows root access to the device when an onboard serial interface is connected to...

The vulnerability of the built-in software of the “Granite-Navigator-6.18” device is caused by an overflow in the buffer on the stack, allowing a intruder to trigger a service failure.

The vulnerability of the built-in software of the “Granite-Navigator-6.18” device is caused by an overflow in the buffer on the stack. Exploiting this vulnerability can allow a malicious actor to cause a service failure when connecting to the device using a UART adapter the operation of switching...

CVE-2017-8228

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the user actually owns the camera other than knowing the...

CVE-2018-15555

On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers...

CVE-2018-15556

The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...

The vulnerability in the implementation of the udc_pci_probe handler in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the udcpciprobe handler in the Linux kernel’s drivers/usb/gadget/udc/amd5536udc.ko module is related to the repeated memory release mechanism. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting an AMD5536 UDC device, which appears as a...

The vulnerability of the if_usb_probe handler in Linux kernel allows a hacker to cause a service failure.

The vulnerability of the ifusbprobe handler in the drivers/net/wireless/libertas/usb8xxx.ko module of the Linux kernel is related to a memory leak in the implementation. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a Marvell 8388 USB WLAN device. Thi...

CVE-2019-7229

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of...

Buffer Overflow Vulnerability in Realterm Serial Termianl Software

Realterm is an engineer's terminal program designed specifically for capturing, controlling and debugging binary and other difficult data streams. A buffer overflow vulnerability exists in the Realterm Serial Termianl software that can be exploited by an attacker to cause a denial of service to t...

CVE-2019-9676

Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker lo...

Buffer overflow

Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker lo...