Lucene search
K

185 matches found

CNVD
CNVD
added 2024/07/10 12:0 a.m.5 views

Siemens RUGGEDCOM ROS Information Disclosure Vulnerability (CNVD-2024-31236)

Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to retrieve a MACSEC key and access decrypt Ethernet frames sent by an...

4.3CVSS6.1AI score0.00352EPSS
Exploits0References1
NVD
NVD
added 2024/07/09 12:15 p.m.19 views

CVE-2023-52238

A vulnerability has been identified in RUGGEDCOM RST2228 All versions V5.9.0, RUGGEDCOM RST2228P All versions V5.9.0. The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC...

4.3CVSS0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 12:4 p.m.19 views

CVE-2023-52238

A vulnerability has been identified in RUGGEDCOM RST2228 All versions V5.9.0, RUGGEDCOM RST2228P All versions V5.9.0. The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC...

4.3CVSS0.00352EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.3 views

Siemens RUGGEDCOM 信息泄露漏洞

Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to retrieve a MACSEC key and access decrypt Ethernet frames sent by an...

4.3CVSS6.2AI score0.00352EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.28 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1585)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...

8.7CVSS7AI score0.04561EPSS
Exploits2References7
Prion
Prion
added 2024/03/13 5:15 p.m.22 views

Race condition

A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of specific Ethernet...

3.3CVSS7.1AI score0.00328EPSS
Exploits0References1
Cisco
Cisco
added 2024/03/13 4:0 p.m.25 views

Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability

A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of specific Ethernet...

7.4CVSS7.3AI score0.00328EPSS
Exploits0References1
OSV
OSV
added 2023/07/11 10:15 a.m.5 views

CVE-2023-35921

A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...

7.5CVSS7.2AI score0.00653EPSS
Exploits0References1
Prion
Prion
added 2023/07/11 10:15 a.m.19 views

Design/Logic Flaw

A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...

5CVSS7.4AI score0.00653EPSS
Exploits0References1Affected Software6
Vulnrichment
Vulnrichment
added 2023/07/11 9:7 a.m.17 views

CVE-2023-35921

A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...

7.5CVSS7.2AI score0.00653EPSS
Exploits0References1
CVE
CVE
added 2023/07/11 9:7 a.m.41 views

CVE-2023-35921

CVE-2023-35921 affects Siemens SIMATIC MV540 H/S, MV550 H/S, MV560 U/X (all versions

7.5CVSS7.3AI score0.00653EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.4 views

PT-2023-4034 · Siemens · Simatic Mv540 S +2

Name of the Vulnerable Software and Affected Versions: SIMATIC MV540 H versions prior to V3.3.4 SIMATIC MV540 S versions prior to V3.3.4 SIMATIC MV550 H versions prior to V3.3.4 SIMATIC MV550 S versions prior to V3.3.4 SIMATIC MV560 U versions prior to V3.3.4 SIMATIC MV560 X versions prior to...

7.8CVSS7.4AI score0.00653EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/04/12 12:0 a.m.5 views

PT-2023-3059 · Juniper Networks · Qfx10000 Series +2

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 19.4R3-S10 Juniper Networks Junos OS version 20.1R1 and later versions Juniper Networks Junos OS versions prior to 20.2R3-S6 Juniper Networks Junos OS versions prior to 20.3R3-S6 Juniper Networks...

6.5CVSS6.3AI score0.00316EPSS
Exploits0References7
Veracode
Veracode
added 2023/04/11 6:36 p.m.33 views

Authorization Bypass

github.com/moby/moby is vulnerable to Authorization Bypass. Encrypted overlay networks accept cleartext VXLAN datagrams tagged with the VNI of the network, which allows remote attackers to arbitrary inject ethernet frames into the encrypted overlay network...

6.8CVSS7AI score0.0144EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2023/04/06 7:31 p.m.37 views

Denial Of Service (DoS)

docker is vulnerable to Denial of Service DoS attacks. The injection of arbitrary ethernet frames allow remote attackers to enable denial of service attacks, such as establishing a UDP or TCP connection or smuggling packets into the overlay network...

8.7CVSS7.8AI score0.02733EPSS
Exploits1References12Affected Software2
RedhatCVE
RedhatCVE
added 2023/04/05 12:43 p.m.37 views

CVE-2023-28840

A vulnerability was found in Moby due to an unprotected alternate channel within encrypted overlay networks. This issue could allow a malicious user to cause a denial of service by sending a specially crafted request to inject arbitrary Ethernet frames into the encrypted overlay network...

8.7CVSS7.2AI score0.02733EPSS
Exploits1References4
OSV
OSV
added 2023/04/04 9:11 p.m.46 views

GHSA-6WRF-MXFJ-PF5P Docker Swarm encrypted overlay network with a single endpoint is unauthenticated

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...

6.8CVSS7.8AI score0.02733EPSS
Exploits2References7
Github Security Blog
Github Security Blog
added 2023/04/04 9:11 p.m.36 views

Docker Swarm encrypted overlay network with a single endpoint is unauthenticated

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...

6.8CVSS7AI score0.0144EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.2 views

Moby 安全漏洞

Moby is an open source project that aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby version 1.12 and later. An attacker exploited the vulnerability to inject arbitrary Ethernet frames into a cryptographic...

6.8CVSS7.1AI score0.0144EPSS
Exploits0References11
Fedora
Fedora
added 2022/07/17 1:15 a.m.33 views

[SECURITY] Fedora 35 Update: golang-github-mdlayher-ethernet-0-0.5.20201109git0394541.fc35

The Golang package ethernet implements marshaling and unmarshaling of IEEE 802.3 Ethernet II frames and IEEE 802.1Q VLAN tags...

9.3CVSS3.8AI score0.05994EPSS
Exploits3
Rows per page
Query Builder