Lucene search
K

126 matches found

Prion
Prion
added 2024/01/24 7:15 p.m.22 views

Buffer overflow

Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...

6.4CVSS7.2AI score0.00836EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/24 12:0 a.m.19 views

CVE-2021-42147

Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...

9AI score0.00836EPSS
Exploits0References1
NVD
NVD
added 2023/10/09 7:15 p.m.18 views

CVE-2023-5460

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...

5.7CVSS4.6AI score0.00388EPSS
Exploits0References3
Prion
Prion
added 2023/10/09 7:15 p.m.25 views

Heap overflow

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...

2.7CVSS5.8AI score0.00388EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/10/09 7:0 p.m.22 views

CVE-2023-5460 Delta Electronics WPLSoft Modbus Data Packet heap-based overflow

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...

3.5CVSS6AI score0.00388EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/07/11 9:7 a.m.27 views

CVE-2022-31810

A vulnerability has been identified in SiPass integrated All versions V2.90.3.8. Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash...

7.5CVSS7.7AI score0.00663EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/05/04 12:0 a.m.7 views

Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory when adding a decimal point. Exploiting this vulnerability could allow a remote attacker ...

5.6CVSS7.5AI score0.00645EPSS
Exploits0References9Affected Software6
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.246 views

NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle

Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...

9.8CVSS7AI score0.08529EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.4 views

SUSE CVE-2005-2629

Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a...

5.1CVSS8.4AI score0.12817EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.3 views

SUSE CVE-2006-0049

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...

5CVSS7AI score0.02373EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/01/10 12:41 a.m.16 views

PocketMine-MP vulnerable to denial-of-service by sending large modal form responses

Impact Due to a workaround for an old client bug which has since been fixed, very large JSON payloads in ModalFormResponsePacket were able to cause the server to spend a significant amount of time processing the packet. Large numbers of these packets were able to hog CPU time so as to prevent the...

0.8AI score
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/14 12:0 a.m.12 views

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...

9.6AI score0.0051EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/22 12:0 a.m.31 views

Juuko DATA Packet Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to issue commands on vulnerable installations of Juuko equipment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of communication between the transmitter and receiver. By using a fixed control...

7.5CVSS2.8AI score0.01489EPSS
Exploits0
NVD
NVD
added 2022/07/07 7:15 p.m.25 views

CVE-2022-32449

TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...

10CVSS0.18433EPSS
Exploits1References2
Prion
Prion
added 2022/07/07 7:15 p.m.20 views

Command injection

TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...

10CVSS9.6AI score0.18433EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/07 12:0 a.m.29 views

CVE-2022-32449

TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...

9.8AI score0.18433EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2022/04/08 12:0 a.m.383 views

Online Sports Complex Booking System 1.0 Cross Site Scripting

Title: Online Sports Complex Booking System 1.0 XSS Author: Zllggggg Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/04/06 12:0 a.m.223 views

Online Sports Complex Booking System 1.0 SQL Injection

Title: Online Sports Complex Booking System 1.0 SQL Injection Author: Zllggggg Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...

0.4AI score
Exploits0
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.5 views

MAC1100 PLC 安全漏洞

The MAC1100 PLC is an industrial control product PLC. A security vulnerability exists in the MAC1100 PLC that can be exploited by an attacker to cause a persistent denial of service DOS via a crafted package...

7.8CVSS5.6AI score0.01287EPSS
Exploits1References1
OSV
OSV
added 2021/04/15 2:15 p.m.4 views

CVE-2020-28592

A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

9.8CVSS6.3AI score0.02545EPSS
Exploits1References1
Rows per page
Query Builder