6174 matches found
Design/Logic Flaw
The 1 Catapult DNP3 I/O driver before 7.2.0.60 and the 2 GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe aka the DNP master station server in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a deni...
CVE-2013-2823
The 1 Catapult DNP3 I/O driver before 7.2.0.60 and the 2 GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe aka the DNP master station server in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a deni...
OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous...
CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...
Cisco Unified Computing System Serial over LAN Static Private Key Vulnerability
A vulnerability in the Cisco Unified Computing System Serial over LAN SoL implementation could allow an unauthenticated, remote attacker to perform a man-in-the-middle MITM attack. The vulnerability occurs because the Board Management Controller BMC uses a hard-coded private key. An attacker coul...
Cooper Power Systems Improper Input Validation Vulnerability
OVERVIEW Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation vulnerability in the Cooper Power Systems SMP Gateway DNP3 protocol components. Cooper Power Systems has produced a new firmware version that mitigates this vulnerability. Coope...
Design/Logic Flaw
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service infinite loop via crafted input over a serial line...
CVE-2013-2794
CVE-2013-2794 affects Triangle MicroWorks SCADA Data Gateway (v2.50.0309–v3.00.0616), DNP3 .NET Protocol components (v3.06.0.171–v3.15.0.369), and DNP3 ANSI C libraries (v3.06.0000–v3.15.0000). Root cause is improper input validation that can trigger an infinite loop, causing a DoS. IP-connected ...
CVE-2013-2211
The libxenlight libxl toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors...
DEBIAN-CVE-2013-2211
The libxenlight libxl toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors...
CVE-2013-2211
The libxenlight libxl toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors...
CVE-2013-2211
CVE-2013-2211 concerns the Xen hypervisor, where the libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions on xenstore keys for paravirtualised and emulated serial console devices. This allows a local guest administrator to modify the xenstore value via unspec...
CVE-2013-2211
The libxenlight libxl toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors...
CVE-2013-2211
The libxenlight libxl toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors...
CVE-2013-2804
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service master-station infinite loop via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service master-station infinite loop v...
Code injection
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service master-station infinite loop via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service master-station infinite loop v...
CVE-2013-2804
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service master-station infinite loop via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service master-station infinite loop v...
CVE-2013-2804
CVE-2013-2804 affects Software Toolbox TOP Server DNP Master Driver (OPC Server) on Windows, before version 5.12.140.0. Root cause: improper input validation that allows crafted DNP3 traffic to TCP port 20000 or crafted input over serialization to cause the master to enter an infinite loop and cr...
CVE-2013-2789
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service master-station infinite loop via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service...
Code injection
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows remote attackers to cause a denial of service master-station infinite loop via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service...