Lucene search
+L

197 matches found

Talos
Talos
added 2023/05/10 12:0 a.m.40 views

Weston Embedded uC-FTPs Authentication authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability May 10, 2023 CVE Number CVE-2022-41985 SUMMARY An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially...

8.6CVSS8.1AI score0.01488EPSS
Exploits1
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.6 views

SA44508 - 2020-06: Out-of-Cycle Advisory: Multiple Vulnerabilities in Treck TCP/IP Embedded Software

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Treck IP network stack software is designed and used in a variety of embedded systems. The software can be licensed and integrated in various ways, including compiled from source,...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2022/11/15 12:0 a.m.4 views

Micrium uC-HTTP 缓冲区错误漏洞

Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A security vulnerability exists in Micrium uC-HTTP version...

9.8CVSS9.4AI score0.01862EPSS
Exploits1References4
Talos
Talos
added 2022/07/27 12:0 a.m.99 views

DD-WRT httpd unescape memory corruption vulnerability

Summary A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. Tested Versions DD-WRT Revision 322...

9.8CVSS7.4AI score0.01035EPSS
Exploits1
CNNVD
CNNVD
added 2022/07/26 12:0 a.m.6 views

Cesanta MJS代码问题漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...

5.5CVSS5.8AI score0.00307EPSS
Exploits1References3
Microsoft KB
Microsoft KB
added 2022/07/12 7:0 a.m.68 views

July 12, 2022—KB5015861 (Monthly Rollup)

None None...

8.8CVSS6.8AI score0.32146EPSS
Exploits4
CNNVD
CNNVD
added 2022/07/01 12:0 a.m.7 views

Das U-Boot 缓冲区错误漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios & MicroBlaze. A security vulnerability exists in Das U-Boot versions v2020.10 through v2022.07-rc3. An attacker can...

7.8CVSS8AI score0.00453EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/29 12:0 a.m.9 views

Das U-Boot 缓冲区错误漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot version 2022.07-rc5 and earlier versions, which stems from...

9.8CVSS8.4AI score0.02037EPSS
Exploits1References10
CNNVD
CNNVD
added 2022/06/08 12:0 a.m.37 views

Das U-Boot 缓冲区错误漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot 2022.01 and earlier versions, which stems from the...

7.8CVSS7.5AI score0.00554EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2022/05/13 12:0 a.m.8 views

The vulnerability of the kernel of microprogramming software in Qualcomm’s embedded chips allows a hacker to execute arbitrary code.

The vulnerability of microprogramming software in embedded Qualcomm chips relates to synchronization errors when using common resources. Exploiting this vulnerability can allow a hacker to execute arbitrary code...

9.3CVSS7.5AI score0.00119EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2021/12/21 9:45 a.m.4 views

Exploit for Embedded Malicious Code in Tukaani Xz

Home / Tags / Archives./archive...

10CVSS7.6AI score0.85974EPSS
Exploits40
CNNVD
CNNVD
added 2021/12/10 12:0 a.m.4 views

AMD EPYC Embedded Processors 安全漏洞

AMD EPYC is an x86 server microprocessor product line from AMD, known as "Xiao Long" in Chinese, utilizing the Zen microarchitecture. A security vulnerability exists in AMD EPYC Embedded Processors, where an unprivileged process executed by a malicious hypervisor in a VM could maliciously take...

8.4CVSS7.8AI score0.00239EPSS
Exploits0References2
OSV
OSV
added 2021/11/25 11:3 a.m.2 views

OESA-2021-1441 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: An...

5.3CVSS6.7AI score0.00579EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2021/09/09 8:28 a.m.51 views

Fighting the Rogue Toaster Army: Why Secure Coding in Embedded Systems is Our Defensive Edge

There are plenty of pop culture references to rogue AI and robots, and appliances turning on their human masters. It is the stuff of science fiction, fun, and fantasy, but with IoT and connected devices becoming more prevalent in our homes, we need more discussion around cybersecurity and safety...

9.8CVSS9.7AI score0.02545EPSS
Exploits1
NCSC
NCSC
added 2021/08/04 12:0 a.m.69 views

Vulnerabilities found in NicheStack

Forescout researchers have found fourteen vulnerabilities found in NicheStack. This is a TCP/IP stack used primarily used in embedded systems and ICS/SCADA devices. Among Siemens, Honeywell, Rockwell Automation and Schneider Electric, among others are mentioned by Forescout as manufacturers that...

9.8CVSS6.8AI score0.03627EPSS
Exploits0
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.6 views

STMicroelectronics STM32Cube Middleware 安全漏洞

The Stmicroelectronics STMicroelectronics STM32Cube is a microcontroller for embedded systems from Stmicroelectronics Switzerland. A security vulnerability exists in the STMicroelectronics STM32Cube Middleware that can be exploited by an attacker to execute arbitrary code...

6.8CVSS7.1AI score0.00473EPSS
Exploits1References2
CNVD
CNVD
added 2021/05/31 12:0 a.m.9 views

Cesanta MJS Stack Overflow Vulnerability (CNVD-2021-38649)

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parsemuldivrem in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

5.5CVSS7AI score0.00823EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/27 12:0 a.m.2 views

Binary vulnerability in picoTCP, picoTCP-NG

picoTCP is a small footprint, modular TCP/IP stack designed for embedded systems and the Internet of Things. A binary vulnerability exists in picoTCP, picoTCP-NG, which can be exploited by an attacker to gain server control privileges...

7.3AI score
Exploits0
CNVD
CNVD
added 2021/05/25 12:0 a.m.7 views

Zephyr Out-of-Bounds Read Vulnerability

Zephyr is a small real-time operating system for connected, resource-constrained embedded devices. A security vulnerability exists in Zephyr versions = 1.14.2 and = 2.3.0. An attacker could exploit this vulnerability to achieve remote code execution...

9.8CVSS7.6AI score0.00928EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/03/21 12:0 a.m.8 views

The vulnerability in the `dns_parse_callback` function in the `network/lookup_name.c` library for the C language, used in Linux-based embedded operating systems, allows a attacker to cause a service failure.

The vulnerability of the dnsparsecallback function in the network/lookupname.c library for the C language, used in Linux-based operating systems, relates to the lack of restrictions on the number of addresses that can be entered. Exploiting this vulnerability could allow a remote attacker to caus...

7.5CVSS7.2AI score0.02015EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder