10 matches found
IBM Watsonx.data Security Vulnerability
IBM Watsonx.data is an open data lake platform developed by IBM. Versions 2.2 to 2.3 of IBM Watsonx.data contain security vulnerabilities. These vulnerabilities stem from insufficient restrictions on communication between Pods, allowing attackers to transfer data between Pods without any...
Hacking Trains
Seems like an old system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) device, is attached to the back of a train and sends...
CVE-2025-30024
The communication protocol used between client and server had a flaw that could be leveraged to execute a man in the middle attack...
SUSE-SU-2023:3035-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_134 fixes several issues. The following security issues were fixed: - CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212509). -...
Design/Logic Flaw
Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP. This protocol is not encrypted and allows tracing of internal messages. This issue affects FOXMAN-UN product: FOXMAN-UN R15B,...
CVE-2022-24285
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability. The user process communicates with a service of system authority called ACCsvc through a named pipe. In this case, the Named Pipe is also given Read and Write rights to the general user. In addition,...
CVE-2020-27777
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked-down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform), a root-like local user could use this flaw to further increase their privileges to...
Apple macOS Security Vulnerability
Apple macOS is a specialized operating system developed by Apple for Mac computers. An elevation of privilege vulnerability exists in Apple macOS version 6.0.2. The vulnerability stems from a flaw in the XPC interface in AnyDesk on macOS versions 6.0.2 and above, which fails to properly validate ...
Design/Logic Flaw
An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP - Server - Controller (HUB) - Node (products which are controlled by HUB). The prerequisite is that the attacker is on the same network as the target HUB, and can use I...
(0Day) Juuko JK-800 Replay Attack Vulnerability
This vulnerability allows remote attackers to issue commands on vulnerable installations of Juuko equipment. Authentication is not required to exploit this vulnerability. The specific flaw exists with the communication between the transmitter and receiver pair. By using a fixed control code, an...