5 matches found
Use-After-Free in MongoDB FLE Query Analysis When Processing Positional Projections on Encrypted Fields
A use-after-free vulnerability exists in MongoDB's Field-Level Encryption FLE query analysis component, affecting client-side uses of mongocryptd and cryptshared. Triggering this vulnerability requires control over the structure of a client's FLE-related query. This issue impacts MongoDB Server’s...
CVE-2019-10919
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerabili...
CVE-2019-10920
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...
CVE-2019-1840
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service DoS condition on the affected system. The vulnerability is due to incomplete user-supplied input validation whe...
Advantech WebAccess Input Validation Vulnerability
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. An input validation vulnerability exists in versions of...