Lucene search
K

189 matches found

Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.3 views

PT-2023-8331 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to a stack-based buffer overflow in the WLAvalancheService of the Ivanti Avalanche system, which can be exploited by an attacker sending specially...

10CVSS9.8AI score0.06782EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.3 views

PT-2023-8280 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue is related to a heap-based buffer overflow in the WLInfoRailService of the Ivanti Avalanche system. An attacker can send specially crafted data packets to the Mobile Devi...

10CVSS9.7AI score0.11337EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.3 views

PT-2023-8279 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue is related to an XML External Entity XXE vulnerability in the Smart Device Server, which could allow an unauthenticated attacker to leak data or perform a Server-Side...

9.8CVSS9.8AI score0.04004EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.4 views

PT-2023-8276 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to a stack-based buffer overflow in the WLAvalancheService of the Ivanti Avalanche system. An attacker can send specially crafted data packets to the...

10CVSS9.7AI score0.06782EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.3 views

PT-2023-8282 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to a buffer overflow in the WLAvalancheService of the Ivanti Avalanche system, which can be exploited by an attacker sending specially crafted data...

9.8CVSS7.8AI score0.09837EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.5 views

PT-2023-8284 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions affected versions not specified Description: The issue is related to a stack-based buffer overflow in the WLAvalancheService of the Ivanti Avalanche system, which can be exploited by an attacker sending specially...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References8
CNVD
CNVD
added 2023/08/18 12:0 a.m.14 views

MOXA NPort IAW5000A-I/O Series Hard-Coded Credential Vulnerability

MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, China. The server enables the integration of field serial devices with wireless Ethernet networks and incorporates digital IOs for industrial data acquisition applications. A hard-coded...

9.8CVSS6.8AI score0.00337EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/16 12:0 a.m.6 views

MOXA NPort IAW5000A-I/O Series 信任管理问题漏洞

MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, China. The server enables the integration of field serial devices with wireless Ethernet networks and incorporates digital IOs for industrial data acquisition applications. A hard-coded...

9.8CVSS6.8AI score0.00337EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.15 views

Moxa NPort IAW5000A-I/O Series Serial Device Server Buffer Copy Without Checking Size of Input (CVE-2021-32968)

Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

7.5CVSS7.6AI score0.01637EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.20 views

Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Input Validation (CVE-2021-32970)

Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions. This plugin only works with Tenable.ot. Please visit...

7.8CVSS7.4AI score0.01623EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.27 views

Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-Based Buffer Overflow (CVE-2021-32976)

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. This plugin only works with Tenable.ot. Please visit...

9.8CVSS8.6AI score0.02618EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/26 12:0 a.m.4 views

MOXA NPort 5110 缓冲区错误漏洞

The Moxa NPort 5110 is a general purpose device server from MOXA. The Moxa NPort 5110 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause the device to be unresponsive...

7.5CVSS5.7AI score0.00695EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/26 12:0 a.m.5 views

MOXA NPort 5110 缓冲区错误漏洞

The MOXA NPort 5110 is a general-purpose device server from China-based MOXA. The MOXA NPort 5110 suffers from a buffer error vulnerability that stems from the product's susceptibility to out-of-bounds writes...

8.2CVSS8AI score0.00597EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/04/01 10:17 p.m.21 views

CVE-2021-32976 Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-based Buffer Overflow

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code...

9.8CVSS9.9AI score0.02618EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/04/01 10:17 p.m.17 views

CVE-2021-32970 Moxa NPort IAW5000A-I/O Series Serial Device Server Improper Input Validation

Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions...

7.5CVSS7.6AI score0.01623EPSS
Exploits0References2
OSV
OSV
added 2021/08/11 5:15 p.m.7 views

CVE-2021-3048

Certain invalid URL entries contained in an External Dynamic List EDL cause the Device Server daemon devsrvr to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall...

5.9CVSS5.8AI score0.00843EPSS
Exploits0References2
NVD
NVD
added 2021/08/11 5:15 p.m.18 views

CVE-2021-3048

Certain invalid URL entries contained in an External Dynamic List EDL cause the Device Server daemon devsrvr to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall...

5.9CVSS0.00843EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/06 12:0 a.m.5 views

NPort IAW5000A-I/O Series 缓冲区错误漏洞

MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, Taiwan, China. The server enables integration of field serial devices with wireless Ethernet networks and incorporates digital IO for industrial data acquisition applications. A security...

9.8CVSS8.7AI score0.02618EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/06 12:0 a.m.4 views

MOXA NPort IAW5000A-I/O Series 操作系统命令注入漏洞

MOXA NPort IAW5000A-I/O Series is a wireless device server for use in industrial environments from MOXA, China. The server integrates field serial devices with wireless Ethernet networks and incorporates digital IOs for industrial data acquisition applications. The NPort IAW5000A-I/O Series suffe...

10CVSS8.5AI score0.02593EPSS
Exploits0References4
ICS
ICS
added 2021/07/06 12:0 a.m.140 views

Moxa NPort IAW5000A-I/O Series Serial Device Server

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: NPort IAW5000A-I/O Series Wireless Device Server Vulnerabilities: Classic Buffer Overflow, Stack-based Buffer Overflow, Improper Input Validation, OS Command Injection 2. RISK EVALUATION...

10CVSS9.6AI score0.02618EPSS
Exploits0References5
Rows per page
Query Builder