21 matches found
CVE-2024-45167
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45166
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45169
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45168
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable...
CVE-2024-45167
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45166
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45167
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
UCI IDOL 2 安全漏洞
UCI IDOL 2 IDOL2,uciIDOL is a management system from UCI Inc. to optimize the company's business processes as well as increase productivity. A security vulnerability exists in UCI IDOL 2 version 2.12 and prior versions that stems from improper input validation, improper deserialization, and...
CVE-2024-45165
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "c2007 UCI Software GmbH B.Boll" without quotes. The key is both static and hardcoded. With access to messages, this results...
CVE-2024-45168
CVE-2024-45168 affects UCI IDOL 2 (IDOL2) up to version 2.12. The vulnerability arises because data is transferred over a raw socket without authentication, making communication endpoints not verifiable. Reported CVSSv3.1 base score is 9.1 (CRITICAL) with network exposure, low attack complexity, ...
UCI IDOL 2 安全漏洞
UCI IDOL 2 IDOL2,uciIDOL is a management system from UCI Inc. to optimize the company's business processes as well as increase productivity. A security vulnerability exists in UCI IDOL 2 version 2.12 and prior versions that stems from data being transferred over raw sockets without any...
CVE-2024-45165
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "c2007 UCI Software GmbH B.Boll" without quotes. The key is both static and hardcoded. With access to messages, this results...
CVE-2024-45166
UCI IDOL 2 (IDOL2/uciIDOL) up to version 2.12 is affected by a vulnerability caused by improper input validation, improper deserialization, and improper restriction of memory buffer operations. The issue can lead to Denial-of-Service and possibly remote code execution, with an access violation an...
CVE-2024-45168
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable...
CVE-2024-45165
CVE-2024-45165 affects UCI IDOL 2 (IDOL2) up to version 2.12. The issue is that the client–server encryption uses a static, hardcoded key derived from the string “(c)2007 UCI Software GmbH B.Boll.” This enables an attacker with access to the messages to decrypt and re-encrypt traffic, enabling pa...
CVE-2024-45169
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45166
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45169
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45167
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...
CVE-2024-45166
An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...