10 matches found
ROS-20251128-06
A vulnerability in the adevrelease function in the drivers/peci/cpu.c module of the Platform Environment Control driver Interface PECI module of the Linux kernel is related to the reuse of previously released memory. memory. Exploitation of the vulnerability could allow an attacker to impact the...
CVE-2021-26638
Technical details for CVE-2021-26638 are not publicly available in the provided documents. Monitor for updates from linked sources before drawing conclusions about affected products, impact, or remediation.
curl: match
Steps To Reproduce: lib/telnet.c suboption function incorrecly checks for the sscanf return value. Instead of checking that 2 elements are parsed, the code also continues if just one element matches: ifsscanfv-data, "%127^,,%127s", varname, varval As such it is possible to construct environment...
ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() Function
Exploit Title: ECOA Building Automation System - Hidden Backdoor Accounts and backdoor Function Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hidden Backdoor Accounts and backdoor Function Vendor: ECOA Technologies Corp...
ECOA Building Automation System - Configuration Download Information Disclosure
Exploit Title: ECOA Building Automation System - Configuration Download Information Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Configuration Download Information Disclosure Vendor: ECOA Technologies Corp. Produc...
ECOA Building Automation System Cookie Poisoning Authentication Bypass
Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...
ECOA Building Automation System Local File Disclosure Vulnerability
Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...
curl: CVE-2021-22898: TELNET stack contents disclosure
Summary: lib/telnet.c suboption function incorrecly checks for the sscanf return value. Instead of checking that 2 elements are parsed, the code also continues if just one element matches: ifsscanfv-data, "%127^,,%127s", varname, varval As such it is possible to construct environment values that...
Fedora 32 : flatpak (2021-f807eb480a)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-f807eb480a advisory. - This is a security update that fixes a sandbox escape where a malicious application can execute code outside the sandbox by controlling the environment of...
What Can Application Control Do For You?
In past blogs, we’ve taken a look at application control and the best practices for successful deployment. Today we’re going to shift gears slightly, and highlight the reasons some companies have chosen this practice. Whitelist With Flexibility It seems counterintuitive to put “whitelisting” and...