140 matches found
Industrial Control Device Vulnerability in American General PACsystem RX3i
General Electric GE is the world's largest multinational corporation in the business of providing technology and services, headquartered in Boston, USA. An industrial control device vulnerability exists in the American General PACsystem RX3i, which can be exploited by an attacker to cause a denia...
SIMATIC S7-300 PLC has a vulnerability in an industrial control device.
The S7-300 is a modular compact PLC system. An industrial control device vulnerability exists in the SIMATIC S7-300 PLC that can be exploited by an attacker to cause a denial of service to the server...
CVE-2012-0952 Heap overflow in control device ioctl
A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53...
CVE-2019-19194
The Bluetooth Low Energy Secure Manager Protocol SMP implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key LTK if an out-of-order link-layer encryption request...
Denial of Service Vulnerability in UDC-301CE Measurement and Control Device (CNVD-2020-01581)
UDC-301CE measurement and control device is a digital measurement and control device to realize line or transformer interval measurement and control function. A denial of service vulnerability exists in the UDC-301CE, which can be exploited by an attacker to cause a system crash...
Barco ClickShare Button R9861500D01 Credential Management Error Vulnerability
The Barco ClickShare Button R9861500D01 is a wireless control device for presentation systems from Barco Belgium. A credential management error vulnerability exists in Barco ClickShare Button R9861500D01 versions prior to 1.9.0, which can be exploited by an attacker to forge arbitrary software...
Linear eMerge E3-Series Path Traversal Vulnerability
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A path traversal vulnerability exists in the Linear eMerge E3-Series device, which stems from the program failing to properly handle sequences such as '... /' and other sequences...
Linear eMerge E3-Series Command Injection Vulnerability
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A command injection vulnerability exists in the Linear eMerge E3-Series device that stems from a program that uses external input to construct commands, but fails to properly hand...
Nortek Security & Control Linear eMerge E3-Series Trust Management Issue Vulnerability (CNVD-2019-34631)
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A vulnerability exists in the Nortek Security & Control Linear eMerge E3-Series due to a trust management issue. An attacker can exploit the vulnerability to obtain a plaintext...
Nortek Security & Control Linear eMerge E3-Series Trust Management Issue Vulnerability (CNVD-2019-34630)
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A vulnerability exists in the Nortek Security & Control Linear eMerge E3-Series due to a trust management issue. An attacker could exploit the vulnerability to bypass authenticati...
Nortek Security & Control Linear eMerge E3-Series Trust Management Issue Vulnerability
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A trust management issue vulnerability exists in the Nortek Security & Control Linear eMerge E3-Series. An attacker could exploit the vulnerability to obtain a default password an...
Denial of Service Vulnerability in MMS Protocol for Sifang CSI-200EA Measurement and Control Device
CSI-200EA measurement and control device is mainly used in substation automation system of 110kV and above voltage level. A denial of service vulnerability exists in the MMS protocol of the Sifang CSI-200EA measurement and control device. An attacker can exploit the vulnerability to cause a devic...
SUSE-SU-2018:0674-1 Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: - CVE-2015-1142857: Add 7.13.1.0 bnx2x firmware files to fix a ethernet flow control vulnerability in SRIOV devices bsc1077355...
The vulnerability of the control device in the electrical energy sector, SICAM PAS, allows a intruder to upload, download, or delete files in certain parts of the file system.
The vulnerability of the telecontrol device in the electrical energy sector, SICAM PAS, is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to upload, download, or delete files in certain parts of the file system by sending specially crafted TCP...
Android maxdsm Driver Kernel Information Disclosure Vulnerability
Exploit for Android platform in category local exploits Android: Kernel information disclosure in "maxdsmread" The "maxdsm" driver exposes several character devices which can be used to control and calibrate the device. One such device is the "control device", exposed under: "/dev/dsmctrldev". Th...
The vulnerability of the ABB PCM600 control and configuration device allows a intruder to gain access to user passwords.
The vulnerability of the ABB PCM600 control and configuration device lies in the use of reversible encryption for passwords stored in the ACTConfig configuration file. Exploiting this vulnerability could allow an attacker acting locally to gain access to user passwords...
ABB PCM600 Credential Protection Vulnerability (CNVD-2016-03749)
The ABB PCM600 is a protection and control IED manager, primarily used in the energy industry. A vulnerability exists in the way the ABB PCM600 authentication credentials are saved. A local attacker could exploit this vulnerability to gain access to the affected device...
The vulnerability of the microprogramming software of the Cisco TelePresence Conductor conference call control device allows a intruder to gain access to the device.
The vulnerability of the control interface for microprogramming-based conference communication devices like Cisco TelePresence Conductor is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain access to the device using a...
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification
=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...
Drivers
A software component necessary to control or regulate another device...