11 matches found
Security Bulletin: Financial Transaction Manager v4 is impacted by multiple vulnerabilities in IBM Java SE
Summary Multiple vulnerabilities were addressed in Financial Transaction Manager v4.0.6.0 iFix4 Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality, high integrity...
Security Bulletin: Multiple vulnerabilities in Java affect IBM Business Automation Workflow - July 2024 CPU
Summary IBM Business Automation Workflow containers package IBM® Java SDK 8 V21.0.3 or IBM® Semeru Runtime 17 V24.0.0. Information about security vulnerabilities in these Java runtumes have been published. IBM Business Automation Workflow includes IBM Java 8. Vulnerability Details...
JVN#64316789: Multiple vulnerabilities in SoftEther VPN and PacketiX VPN
SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server. Heap-based buffer overflow CWE-122 -...
Design/Logic Flaw
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...
CVE-2023-2310 Channel Accessible by Non-Endpoint
A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...
CVE-2023-2310
CVE-2023-2310 affects Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC). Connected docs describe a Channel Accessible by Non-Endpoint vulnerability that could allow a remote attacker to perform a man-in-the-middle (MiTM) attack, potentially causing denial of service. ...
Aethon TUG Home Base Server
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Aethon owned by ST Engineering Equipment: TUG Home Base Server Vulnerabilities: Missing Authorization, Channel Accessible by Non-endpoint, Cross-site Scripting 2. RISK EVALUATION Successful exploitation...
Rockwellautomation Micrologix Channel Accessible by Non-Endpoint
When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller Micro800: Al...
Rockwell Automation Micro800 and MicroLogix 1400
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: Micro800, MicroLogix 1400 Vulnerability: Channel Accessible by Non-endpoint 2. RISK EVALUATION Successful exploitation of this vulnerability may result in denial-of-service conditions, which...
CVE-2018-13298
Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors...
CVE-2018-13298
Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors...