Fedora 23 : xen-4.5.1-9.fc23 (2015-28cfce6702)

ui/vnc: limit clientcuttext msg payload size CVE-2015-5239 1259504, e1000: Avoid infinite loop in processing transmit descriptor CVE-2015-6815 1260224, net: add checks to validate ring buffer pointers CVE-2015-5279 1263278, net: avoid infinite loop when receiving packets CVE-2015-5278 1263281, qe...

UBUNTU-CVE-2016-2782

The treoattach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by inserting a USB device that lacks a 1 bulk-in or 2...

UBUNTU-CVE-2016-2391

The ohcibusstart function in the USB OHCI emulation support hw/usb/hcd-ohci.c in QEMU allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via vectors related to multiple eoftimers...

Exploit for CVE-2016-2384

Linux kernel exploits ===================== | Date | Link | Des...

DEBIAN-CVE-2015-7566

The clie5attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint...

The vulnerability of the Cisco Firepower Extensible Operating System allows a intruder to trigger a maintenance failure.

The vulnerability of the Cisco Firepower Extensible Operating System’s driver exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor, operating locally, to trigger a service failure using a pre-prepared USB device that transmits erroneous USB...

Advantech EKI-132x Device Authentication Bypass Vulnerability

Advantech EKI-132x is a serial device networking server from Advantech China that provides various redundant configurations and multiple access configurations for remote monitoring of serial devices via Ethernet communication protocol. A security vulnerability exists in Advantech EKI-132x devices...

DigiOne IAP Serial 弱口令

参考链接: http://web-material3.yokogawa.com/IMMW100EIP.pdf...

CVE-2015-8252

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number...

Hardcoded credentials

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number...

CVE-2015-8252

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number...

CVE-2015-8252

The CVE-2015-8252 issue affects RSI Video Technologies Videofied Frontel protocol (pre-3). The vulnerability stems from a pre-shared key that is entirely derived from the device serial number, which is transmitted in clear text. An attacker can sniff the network, recover the device serial number,...

WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: WIMAX LX350PWIXFMR-108 - Multiple Vulnerabilities Date: ˝Friday, ˝December ˝11, ˝2015 Exploit/Vulnerability Author: Alireza Azimzadeh Milani alimp5 Vendor Homepage: http://www.greenpacket.com Version: v2.10.14-g1.5.2 Tested...

Dahua DVR Auth Bypass Scanner

Scans for Dahua-based DVRs and then grabs settings. Optionally resets a user's password and clears the device logs This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule %qDahua DVR Auth Bypass Scanner...

KLA10704 Multiple vulnerabilities in ARRIS cable modems.

Multiple serious vulnerabilities have been found in ARRIS cable modems. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities: 1. Predictable technician password can be exploited remotely to gain technician...

RSI Video Technologies Frontel Hard-Coded Encryption Vulnerability

RSI Video Technologies Frontel is a suite of receiver software for monitoring Videofied wireless video alarm systems from the French company RSI Video Technologies. A security vulnerability exists in RSI Video Technologies Frontel that stems from the program's use of a pre-shared key that is...

Trust Management Vulnerability in Multiple Arris Devices

The Arris DG860A, TG862A and TG862G are modem products from the Arris Group of Companies. A security vulnerability exists in a number of Arris devices that stems from a program using hard-coded passwords based on serial numbers. The vulnerability can be exploited by a remote attacker to gain acce...

Linux kernel "drivers/usb/serial/whiteheat.c" 拒绝服务漏洞

No description provided by source...

DEBIAN-CVE-2015-5257

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used for an Apache Cordova issue...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2794-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2794-1 advisory. It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind...