34 matches found
Contemporary Controls BASControl20 安全漏洞
Contemporary Controls BASControl20 is a building automation control and BACnet communication controller developed by the American company Contemporary Controls. The Contemporary Controls BASC 20T has a security vulnerability that stems from network traffic sniffing, which may allow for the...
Automated Logic WebCtrl 安全漏洞
Automated Logic WebCtrl is a web-based building automation system server developed by Automated Logic Corporation in the United States. Automated Logic WebCtrl has a security vulnerability that stems from the lack of network-layer authentication. This vulnerability may allow for the processing of...
BIT-NGINX-GATEWAY-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2025-61932
Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...
EUVD-2002-0411
Malware in sbrugna...
CVE-2025-21608 Forged packets over MQTT can show up in direct messages in Meshtastic firmware
Meshtastic is an open source mesh networking solution. In affected firmware versions crafted packets over MQTT are able to appear as a DM in client to a node even though they were not decoded with PKC. This issue has been addressed in version 2.5.19 and all users are advised to upgrade. There are...
CVE-2025-21608 Forged packets over MQTT can show up in direct messages in Meshtastic firmware
Meshtastic is an open source mesh networking solution. In affected firmware versions crafted packets over MQTT are able to appear as a DM in client to a node even though they were not decoded with PKC. This issue has been addressed in version 2.5.19 and all users are advised to upgrade. There are...
CVE-2025-21608 Forged packets over MQTT can show up in direct messages in Meshtastic firmware
Meshtastic is an open source mesh networking solution. In affected firmware versions crafted packets over MQTT are able to appear as a DM in client to a node even though they were not decoded with PKC. This issue has been addressed in version 2.5.19 and all users are advised to upgrade. There are...
PT-2024-4790 · Tp Link · Tp-Link Tl-7Dr5130
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-7DR5130 version 1.0.23 Description: The issue is related to insufficient validation of the communication channel source, which can be exploited by an attacker to perform a TCP Reset attack. This can be done by sending specially...
CVE-2022-27577
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise servic...
Design/Logic Flaw
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise servic...
What is SYN Spoofing or TCP Reset Attack❓
Syn Spoofing or TCP Reset Attack is a type of attack in which attackers send forged TCP RST Reset packets to the host. This is the most common attack on the Internet which is causing a lot of problems. These attacks are mainly performed to shut down the websites which are not working with them...
OESA-2021-1225 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrit...
DEBIAN-CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2017-13080
A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key GTK during a group k...
Key Reinstallation Attack (KRACK)
WPA and WPA2 are vulnerable to key reinstallation attacks KRACK. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key GTK during a 4-way handshake...
CVE-2018-18541
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download...
CVE-2017-13088
A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used integrity group key IGTK durin...
CVE-2017-13086
A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used Tunneled Direct-Link Setup TDL...
CVE-2017-13082
A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key PTK-TK by...