JVN#64316789: Multiple vulnerabilities in SoftEther VPN and PacketiX VPN

SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server. Heap-based buffer overflow CWE-122 -...

Design/Logic Flaw

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...

CVE-2023-2310

CVE-2023-2310 affects Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC). Connected docs describe a Channel Accessible by Non-Endpoint vulnerability that could allow a remote attacker to perform a man-in-the-middle (MiTM) attack, potentially causing denial of service. ...

CVE-2023-2310 Channel Accessible by Non-Endpoint

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...

Rockwellautomation Micrologix Channel Accessible by Non-Endpoint

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller Micro800: Al...

CVE-2018-13298

Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors...

CVE-2018-13298

Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors...