185 matches found
Siemens RUGGEDCOM ROS Information Disclosure Vulnerability (CNVD-2024-31236)
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to retrieve a MACSEC key and access decrypt Ethernet frames sent by an...
CVE-2023-52238
A vulnerability has been identified in RUGGEDCOM RST2228 All versions V5.9.0, RUGGEDCOM RST2228P All versions V5.9.0. The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC...
CVE-2023-52238
A vulnerability has been identified in RUGGEDCOM RST2228 All versions V5.9.0, RUGGEDCOM RST2228P All versions V5.9.0. The web server of the affected systems leaks the MACSEC key in clear text to a logged in user. An attacker with the credentials of a low privileged user could retrieve the MACSEC...
Siemens RUGGEDCOM 信息泄露漏洞
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to retrieve a MACSEC key and access decrypt Ethernet frames sent by an...
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1585)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...
Race condition
A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of specific Ethernet...
Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability
A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of specific Ethernet...
CVE-2023-35921
A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...
CVE-2023-35921
A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...
CVE-2023-35921
CVE-2023-35921 affects Siemens SIMATIC MV540 H/S, MV550 H/S, MV560 U/X (all versions
PT-2023-4034 · Siemens · Simatic Mv540 S +2
Name of the Vulnerable Software and Affected Versions: SIMATIC MV540 H versions prior to V3.3.4 SIMATIC MV540 S versions prior to V3.3.4 SIMATIC MV550 H versions prior to V3.3.4 SIMATIC MV550 S versions prior to V3.3.4 SIMATIC MV560 U versions prior to V3.3.4 SIMATIC MV560 X versions prior to...
PT-2023-3059 · Juniper Networks · Qfx10000 Series +2
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 19.4R3-S10 Juniper Networks Junos OS version 20.1R1 and later versions Juniper Networks Junos OS versions prior to 20.2R3-S6 Juniper Networks Junos OS versions prior to 20.3R3-S6 Juniper Networks...
Authorization Bypass
github.com/moby/moby is vulnerable to Authorization Bypass. Encrypted overlay networks accept cleartext VXLAN datagrams tagged with the VNI of the network, which allows remote attackers to arbitrary inject ethernet frames into the encrypted overlay network...
Denial Of Service (DoS)
docker is vulnerable to Denial of Service DoS attacks. The injection of arbitrary ethernet frames allow remote attackers to enable denial of service attacks, such as establishing a UDP or TCP connection or smuggling packets into the overlay network...
CVE-2023-28840
A vulnerability was found in Moby due to an unprotected alternate channel within encrypted overlay networks. This issue could allow a malicious user to cause a denial of service by sending a specially crafted request to inject arbitrary Ethernet frames into the encrypted overlay network...
GHSA-6WRF-MXFJ-PF5P Docker Swarm encrypted overlay network with a single endpoint is unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
Moby 安全漏洞
Moby is an open source project that aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby version 1.12 and later. An attacker exploited the vulnerability to inject arbitrary Ethernet frames into a cryptographic...
[SECURITY] Fedora 35 Update: golang-github-mdlayher-ethernet-0-0.5.20201109git0394541.fc35
The Golang package ethernet implements marshaling and unmarshaling of IEEE 802.3 Ethernet II frames and IEEE 802.1Q VLAN tags...