
3841 matches found

Vulnrichment
added 2023/04/24 2:42 p.m. · 7 views

CVE-2023-24819 RIOT-OS vulnerable to Buffer Overflow during IPHC receive

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...

CVSS 9.8 · AI score 9.7 · EPSS 0.01527
Exploits 0 · References 3
CVE
added 2023/04/24 2:42 p.m. · 121 views

CVE-2023-24819

CVE-2023-24819 affects RIOT-OS prior to version 2022.10, where processing of 6LoWPAN frames can trigger an out-of-bounds write in the packet buffer. The attacker can craft a frame to overflow the buffer, potentially corrupting other packets and allocator metadata, leading to denial of service and...

CVSS 9.8 · AI score 9.8 · EPSS 0.01527
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2023/04/24 2:23 p.m. · 11 views

CVE-2023-24818 RIOT-OS vulnerable to null pointer dereference during fragment forwarding

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of a fragment an...

CVSS 7.5 · AI score 7 · EPSS 0.0135
Exploits 1 · References 7
Positive Technologies
added 2023/04/24 12:0 a.m. · 3 views

PT-2023-19803 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The issue concerns a network stack in RIOT-OS, an operating system for Internet of Things devices, which can process 6LoWPAN frames. An attacker can send a crafted frame, resulting in a large out...

CVSS 7.5 · AI score 7.4 · EPSS 0.00502
Exploits 0 · References 7
CNNVD
added 2023/04/24 12:0 a.m. · 2 views

RIOT RIOT-OS numeric error vulnerability

RIOT RIOT-OS is a set of operating systems used in the Internet of Things (IoT) space. A numeric error vulnerability exists in RIOT RIOT-OS versions prior to 2022.10, which can be exploited by an attacker to allow a device to send crafted frames that result in a large number of out-of-bounds writes...

CVSS 7.5 · AI score 7.4 · EPSS 0.0056
Exploits 0 · References 4
Positive Technologies
added 2023/04/24 12:0 a.m. · 2 views

PT-2023-19800 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The network stack in RIOT-OS, which supports Internet of Things devices, contains a flaw in its ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device, resulting in...

CVSS 9.8 · AI score 9.5 · EPSS 0.01527
Exploits 0 · References 5
OSV
added 2023/04/19 11:15 p.m. · 2 views

UBUNTU-CVE-2023-2166

A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service...

CVSS 5.5 · AI score 6.7 · EPSS 0.00018
Exploits 0 · References 4
Veracode
added 2023/04/19 6:43 a.m. · 23 views

Denial Of Services (DoS)

Google Chrome is vulnerable to Denial Of Services (DoS). The vulnerability exists due to a use after free in Frames, which allows an attacker to convince a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8 · AI score 8.6 · EPSS 0.00522
Exploits 0 · References 7 · Affected Software 2
OSV
added 2023/04/18 9:15 p.m. · 2 views

CVE-2022-43378

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVSS 6.5 · AI score 5.8 · EPSS 0.00213
Exploits 0 · References 1
NVD
added 2023/04/18 9:15 p.m. · 12 views

CVE-2022-43378

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVSS 6.5 · AI score 6.5 · EPSS 0.00213
Exploits 0 · References 1
Prion
added 2023/04/18 9:15 p.m. · 24 views

Design/Logic Flaw

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVSS 4.3 · AI score 6.5 · EPSS 0.00213
Exploits 0 · References 1 · Affected Software 5
Cvelist
added 2023/04/18 8:6 p.m. · 12 views

CVE-2022-43378

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVSS 6.5 · AI score 6.7 · EPSS 0.00213
Exploits 0 · References 1
CVE
added 2023/04/18 8:6 p.m. · 48 views

CVE-2022-43378

CVE-2022-43378 affects Schneider Electric NetBotz 4 (devices 355/450/455/550/570) up to version 4.7.0 and prior. The vulnerability is CWE-1021: improper restriction of rendered UI layers or frames, which could let an attacker trick a user into performing unintended actions when external address f...

CVSS 6.5 · AI score 6.4 · EPSS 0.00213
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/04/18 8:6 p.m. · 8 views

CVE-2022-43378

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVSS 6.5 · AI score 6.5 · EPSS 0.00213
Exploits 0 · References 1
SUSE CVE
added 2023/04/18 1:45 a.m. · 1 views

SUSE CVE-2022-47522

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

CVSS 7.5 · AI score 7.1 · EPSS 0.12585
Exploits 1 · References 3
Prion
added 2023/04/15 2:15 a.m. · 14 views

Authentication flaw

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

CVSS 4.3 · AI score 7.5 · EPSS 0.12585
Exploits 1 · References 4
CVE
added 2023/04/15 12:0 a.m. · 110 views

CVE-2022-47522

CVE-2022-47522 affects Siemens SCALANCE/W-series wireless devices (e.g., W721-1, W722-1, W734-1, W738-1, W748-1, W761-1, W774-1, W778-1, W786-1/2, W788-1/2, WAM/WUM lines) across multiple SKUs. The vulnerability concerns how IEEE 802.11 allows a physically proximate attacker to interfere with a ...

CVSS 7.5 · AI score 6.5 · EPSS 0.12585
Exploits 1 · References 4 · Affected Software 1
Cvelist
added 2023/04/15 12:0 a.m. · 24 views

CVE-2022-47522

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

AI score 7.1 · EPSS 0.12585
Exploits 1 · References 4
Tenable Nessus
added 2023/04/14 12:0 a.m. · 41 views

Ubuntu 18.04 LTS : Chromium vulnerabilities (USN-6021-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6021-1 advisory. It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory v...

CVSS 9.8 · AI score 8.2 · EPSS 0.00885
Exploits 0 · References 21
Positive Technologies
added 2023/04/12 12:0 a.m. · 3 views

PT-2023-3059 · Juniper Networks · Qfx10000 Series +2

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 19.4R3-S10 Juniper Networks Junos OS version 20.1R1 and later versions Juniper Networks Junos OS versions prior to 20.2R3-S6 Juniper Networks Junos OS versions prior to 20.3R3-S6 Juniper Networks...

CVSS 6.5 · AI score 6.3 · EPSS 0.00275
Exploits 0 · References 7