5 matches found
Cross site scripting
Home assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected authcallback=1, which is leveraged by the WebSocket authentication logic in tandem with the state parameter. The state parameter contains the hassUrl, which is...
Siemens SIMATIC 安全特征问题漏洞
The LOGO! CMR family is a communication system for monitoring and controlling distributed devices and systems via text messages or e-mail.Siemens SIMATIC RTU3000C is a compact RTU from Siemens, Germany is a low-power remote terminal unit RTU for energy self-sufficiency. A vulnerability in the...
Multiple Embedded TCP/IP Security Feature Issue Vulnerability
Multiple Embedded TCP/IP is a highly efficient embedded stack developed using a verifiable process and in strict compliance with the MISRA coding standard. Multiple Embedded TCP/IP suffers from a security signature issue vulnerability that can be exploited by attackers to spoof or corrupt TCP...
CVE-2002-1463
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers ISN, which allows remote attackers to spoof connections...
FreeBSD-SA-00:52.tcp-iss
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:52 Security Advisory FreeBSD, Inc. Topic: TCP uses weak initial sequence numbers Category: core Module: kernel Announced: 2000-10-06 Credits: Hacker Emergency Response...