734 matches found
CVE-2020-11646
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions 9.0.20262 and GateManager 8250 versions 9.2.620236042 allows authenticated users to view log information reserved for other users...
CVE-2020-11643
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions 9.0.20262 and GateManager 8250 versions 9.2.620236042 allows authenticated users to view information of devices belonging to foreign domains...
Critical Flaws Discovered in Popular Industrial Remote Access Systems
Cybersecurity researchers have found critical security flaws in two popular industrial remote access systems that can be exploited to ban access to industrial production floors, hack into company networks, tamper with data, and even steal sensitive business secrets. The flaws, discovered by Tel...
Cross site request forgery (csrf)
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php...
CVE-2020-12280
Summary: CVE-2020-12280 affects iSmartgate PRO 1.5.9 and is described as a CSRF vulnerability. The issue allows remote attackers to open or close a specified garage door/gate by accessing the endpoint /isg/opendoor.php. The core detail across sources (NVD, Red Hat, CNVD, etc.) is the CSRF risk en...
CVE-2020-12280
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php...
The vulnerabilities of the MAX 10 FPGA programmable logic circuit, related to configuration errors in its design, allow attackers to gain unauthorized access to protected information.
The vulnerability of the MAX 10 FPGA programmable logic circuit lies in configuration errors in its design. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
DEBIAN-CVE-2020-25221
getgatepage in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit...
UBUNTU-CVE-2020-25221
getgatepage in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit...
CVE-2020-25221
getgatepage in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit...
CVE-2020-25221
CVE-2020-25221 affects Linux kernel 5.7.x and 5.8.x before 5.8.7. The vulnerability arises in get_gate_page() implemented in mm/gup.c, due to incorrect reference counting of the backing struct page for the vsyscall page, causing a refcount underflow. It can be triggered by any 64-bit process that...
PT-2020-16024 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.7.x through 5.8.6 Description: The issue is related to incorrect reference counting of the struct page that backs the vsyscall page, caused by gate page mishandling in the get gate page function in mm/gup.c. This resul...
CVE-2020-14508
GateManager versions prior to 9.2c, The affected product is vulnerable to an off-by-one error, which may allow an attacker to remotely execute arbitrary code or cause a denial-of-service condition...
The vulnerability of the microprogrammed industrial Ethernet switch Moxa MGate 5105-MB-EIP, related to the bypassing of authentication through capture/replay, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the microprogrammed industrial Ethernet switch Moxa MGate 5105-MB-EIP lies in its ability to bypass authentication through capture/replay. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Red Gate Software Redgate SQL Monitor Information Disclosure Vulnerability
Red Gate Software Redgate SQL Monitor is a database monitoring tool from Red Gate Software, UK. The product supports Microsoft SQL Server monitoring, alerting, analysis and more. A security vulnerability exists in Red Gate Software Redgate SQL Monitor versions 7.1.4 through 10.1.6, which originat...
Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers
A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans. The details of the attacks against Xilinx 7-Series and...
CVE-2019-9097
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service...
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
Update: The digital certificate issued for https.ps has been revoked by GlobalSign. Fraudsters are known for using social engineering tricks to dupe their victims, often times by impersonating authority figures to instill trust. In a recent blog post, we noted how criminals behind Magecart skimme...
CVE-2020-9318
Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15...
CVE-2020-9318
Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15...