7 matches found
Authorization Bypass
fuxa-server is vulnerable to an Authorization Bypass. The vulnerability is due to improper enforcement of role-based access controls on WebSocket endpoints, where the server fails to validate authentication and authorization for device tag modification requests, allowing unauthenticated remote...
CVE-2021-20589
Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7154-1)
"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7154-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7009-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7009-2 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7007-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7007-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...
ICSA-21-231-01_AVEVA SuiteLink Server
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Software, LLC Equipment: SuiteLink Server Vulnerabilities: Heap-based Buffer Overflow, Null Pointer Dereference, Improper Handling of Exceptional Conditions 2. RISK EVALUATION Successful...
CVE-2021-20592
Missing synchronization vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.39.010, GT25 model communication driver versions 01.19.000 through 01.39.010 and GT23 model communication driver versions 01.19.000 through 01.39.010 and GT SoftGOT2000 versions...