CVE-2025-34458 wb2osz/direwolf <= 1.8.1 Reachable Assertion DoS

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...

EUVD-2015-7255

Malware in sbrugna...

EUVD-2016-3860

Malware in sbrugna...

EUVD-2016-10487

Malware in sbrugna...

EUVD-2003-1106

Malware in sbrugna...

CVE-2023-38686

Sydent (Matrix Identity Server) is affected pre-2.5.6: when configured to send emails via TLS, it does not verify SMTP server certificates, enabling MITM interception of invitation and address-confirmation emails by an attacker with network access. Root cause: failure to verify TLS SMTP certifica...

PT-2022-3156 · Emerson · Emerson Deltav Distributed Control System

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV Distributed Control System DCS through 2022-04-29 Description: The issue is related to weaknesses in the authentication procedure of the Emerson DeltaV Distributed Control System DCS. This allows a remote attacker to access...

kernel: memory corruption in Voice over IP nf_conntrack_h323 module

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this...

Modbus Banner Grabbing

This module grabs the banner of any device running the Modbus protocol by sending a request with Modbus Function Code 43 Read Device Identification. Modbus is a data communications protocol originally published by Modicon now Schneider Electric in 1979 for use with its programmable logic...

Puppet Enterprise Communication Protocol Denial of Service Vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture , it can be used to manage configuration files , users , cron tasks , packages , system services and so on. The Puppet Communications Protocol in Puppet Enterprise fails to properly validate the credentials ...

CVE-2016-2787

The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors...

CVE-2016-2787

The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors...

CVE-2016-2787

CVE-2016-2787 affects Puppet Enterprise 2015.x (specifically 2015.3.x before 2015.3.3). The vulnerability arises from improper validation of broker node certificates in the Puppet Communications Protocol, enabling remote non-whitelisted hosts to prevent Puppet runs via unspecified vectors. The li...

Puppet Enterprise Denial of Service Vulnerability

Puppet is a set of configuration management tools based on a client/server architecture that can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise edition. A security vulnerability exists in the Puppet Communications...

CVE-2016-9686

The Puppet Communications Protocol PCP Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2...

SISCO MMS-EASE and AX-S4 ICCP Denial of Service Vulnerabilities

SISCO MMS-EASE and AX-S4 ICCP are both products of SISCO Corporation, USA. The former is a set of C programming interfaces APIs for MMS Manufacturing Message Specification and the latter is a set of data sharing software.SNAP-Lite Utility is one of the data mining and analysis components. A...

Design/Logic Flaw

Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol...

Fortinet FortiOS < 4.3.16 / 5.x < 5.0.8 Multiple Vulnerabilities (FG-IR-14-006)

The remote host is running FortiOS prior to 4.3.16 or 5.x prior to 5.0.8. It is, therefore, affected by the following vulnerabilities : - A flaw exists within the FortiManager service when handling incoming requests. Using a specially crafted request, a remote attacker can exploit this to cause a...

Ethernet Industrial Protocol (EtherNet/IP) Implicit Message Detection

Binary data 7113.pasl...

X-format Communications Protocol (XCP) Detection

The remote service supports the X-format Communications Protocol XCP, commonly used to monitor Eaton-/Powerware-branded UPSes. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid44329; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"X-format...