Lucene search
+L

176 matches found

CNNVD
CNNVD
added 2023/08/04 12:0 a.m.5 views

Connected IO Parameter Injection Vulnerability

Connected IO is a leading hardware, software and cloud-based IoT and machine-to-machine solution from US-based Connected IO, Inc. A security vulnerability exists in Connected IO ER2000 v2.1.0 and earlier versions, which stems from a parameter injection vulnerability in the AT command in the...

9.8CVSS8AI score0.00819EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/04 12:0 a.m.16 views

CVE-2023-33377

Connected IO v2.1.0 and prior has an OS command injection vulnerability in the set firewall command in part of its communication protocol, enabling attackers to execute arbitrary OS commands on devices...

8.2AI score0.01505EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/04 12:0 a.m.12 views

CVE-2023-33375

Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices...

7.5AI score0.00836EPSS
Exploits0References2
CVE
CVE
added 2023/08/04 12:0 a.m.46 views

CVE-2023-33376

CVE-2023-33376 affects Connected IO ER2000 edge routers (v2.1.0 and prior). Root cause: argument injection in the iptables command message within the device’s communication protocol. Impact: attackers can remotely execute arbitrary OS commands on affected devices. CVSSv3.1 base score 9.8 (CRITICA...

9.8CVSS9.9AI score0.00819EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/04 12:0 a.m.50 views

CVE-2023-33375

CVE-2023-33375 affects Connected IO ER2000 edge routers (v2.1.0 and earlier). The vulnerability is a stack-based buffer overflow in the device’s communication protocol that enables an attacker to take control of the device. Documented impact is high (CVE score 9.8; Confidentiality/Integrity/Avail...

9.8CVSS9.7AI score0.00836EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 3:43 p.m.31 views

Security Bulletin: A vulnerability has been identified in IBM Storage Scale System which could allow unauthorized access to user data or injection of arbitrary data in the communication protocol (CVE-2020-4927)

Summary A security vulnerability has been identified in all levels of IBM Storage Scale System which could allow unauthorized access to user data or injection of arbitrary data in the communication protocol . This vulnerability only affects Storage Scale clusters that host file systems. Clusters...

8.2CVSS6.8AI score0.00347EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.6 views

The vulnerability of .NET components in the communication protocol library for connecting components of ASU TP Triangle MicroWorks DNP3 Source Code Library, a control platform for managing public distribution and transmission networks of Schneider Electric Saitel DR RTU, allows a intruder to cause a service failure.

The vulnerability of .NET components in the communication protocol library used for connecting components of ASU systems like Triangle MicroWorks DNP3 Source Code Library in Schneider Electric Saitel DR RTU control platforms lies in the fact that the operation results are stored outside of the...

6.5CVSS8AI score0.01349EPSS
Exploits0References4Affected Software2
Rapid7 Blog
Rapid7 Blog
added 2023/03/30 8:21 p.m.13 views

Velociraptor Version 0.6.8 Available Now

A New Client-Server Communication Protocol, VFS GUI, and More Performance Upgrades Make This The Fastest and Most Scalable Velociraptor Yet Rapid7 is excited to announce the release of version 0.6.8 of Velociraptor—an advanced, open-source digital forensics and incident response DFIR tool that...

6.6AI score
Exploits0
OSV
OSV
added 2023/03/15 7:15 p.m.6 views

CVE-2020-4927

A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695...

8.2CVSS5.9AI score0.00347EPSS
Exploits0References2
NVD
NVD
added 2023/03/15 7:15 p.m.20 views

CVE-2020-4927

A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695...

8.2CVSS6.7AI score0.00347EPSS
Exploits0References2
Prion
Prion
added 2023/03/15 7:15 p.m.14 views

Code injection

A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695...

6.4CVSS7.9AI score0.00347EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/15 6:11 p.m.23 views

CVE-2020-4927 IBM Spectrum Scale information disclosure

A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695...

5.7CVSS8.1AI score0.00347EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/10 8:51 p.m.38 views

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale which could allow unauthorized access to user data or injection of arbitrary data in the communication protocol (CVE-2020-4927)

Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale which could allow unauthorized access to user data or injection of arbitrary data in the communication protocol . This vulnerability only affects Spectrum Scale clusters that host file systems. Clusters that...

8.2CVSS6.8AI score0.00347EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2023/01/05 9:54 p.m.25 views

CVE-2022-3929 Communication between the client and server partially using CORBA over TCP/IP

Communication between the client and the server application of the affected products is partially done using CORBA Common Object Request Broker Architecture over TCP/IP. This protocol is not encrypted and allows tracing of internal messages. This issue affects FOXMAN-UN product: FOXMAN-UN R15B,...

8.3CVSS9.7AI score0.00389EPSS
Exploits0References2
CVE
CVE
added 2023/01/05 9:54 p.m.70 views

CVE-2022-3929

CVE-2022-3929 affects Hitachi Energy products FOXMAN-UN and UNEM (R9C–R15B). The issue arises from client–server communication partially using CORBA over TCP/IP, which is not encrypted and can allow tracing of internal messages. Public advisories indicate remediation is to upgrade to newer releas...

9.8CVSS9.3AI score0.00389EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2022/12/12 1:15 p.m.19 views

CVE-2022-32537

A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced...

4.8CVSS0.00319EPSS
Exploits0References4
Prion
Prion
added 2022/12/12 1:15 p.m.14 views

Design/Logic Flaw

A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced...

1.4CVSS5AI score0.00319EPSS
Exploits0References2
0day.today
0day.today
added 2022/12/10 12:0 a.m.281 views

Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks Vulnerability

Zhuhai Suny Technology ESL Tag suffers from replay attacks and a forgery attack allowing for the displaying of arbitrary contents. ======================================================================= title: Replay attacks & Displaying arbitrary contents product: Zhuhai Suny Technology ESL Tag ...

6.5CVSS6.7AI score0.00714EPSS
Exploits3
CVE
CVE
added 2022/11/17 8:47 p.m.64 views

CVE-2022-32537

The CVE-2022-32537 vulnerability affects Medtronic NGP 600 Series insulin pumps (MiniMed 620G/630G/640G/670G and linked components). Root cause: a protection mechanism failure (CWE-693) that could enable an unauthorized user nearby to learn aspects of the communication protocol during pairing bet...

4.8CVSS5.8AI score0.00319EPSS
Exploits0References4Affected Software1
Malwarebytes
Malwarebytes
added 2022/09/22 1:15 p.m.18 views

Medtronic's MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA

The US FDA Food and Drug Administration has warned users of Medtronic's MiniMed 600 Series Insulin Pump System--specifically, models for MiniMed 630G and MiniMed 670G--that their medical devices have a cybersecurity issue with its communication protocol. If compromised, attackers could gain...

2.2AI score
Exploits0
Rows per page
Query Builder