CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

Linux Distros Unpatched Vulnerability : CVE-2022-50099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - video: fbdev: arkfb: Check the size of screen before memsetio In the function arkfbsetpar, the value of 'screensize' is calculated by the user input. If the use...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...

CVE-2021-34567

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read...

WAGO 缓冲区错误漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is specifically designed for use in industrial environments as an electronic system for the operation of digital algorithms. A buffer error vulnerability exists in the WAGO I/O-Check Service, which originates fr...

PT-2022-10353 · Wago · Wago I/O-Check Service

Name of the Vulnerable Software and Affected Versions: WAGO I/O-Check Service affected versions not specified Description: The issue allows an unauthenticated remote attacker to send a specially crafted packet containing OS commands, which can cause the iocheck process to crash and result in memo...

PT-2022-10354 · Wago · Wago I/O-Check Service

Name of the Vulnerable Software and Affected Versions: WAGO I/O-Check Service affected versions not specified Description: The issue allows an unauthenticated remote attacker to send a specially crafted packet containing OS commands, which can cause a denial of service and a limited out-of-bounds...

CVE-2019-5181

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in co...

CVE-2019-5177

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...

WAGO PFC200 Stack Buffer Overflow Vulnerability

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A buffer error vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC200. The vulnerability can be exploited by an attacker to execute code with the help of a specially crafted XML cache file...

WAGO PFC200 Command Injection Vulnerability (CNVD-2020-16846)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A command injection vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC200. The vulnerability arises from a network system or product not properly filtering special characters, commands,...

WAGO PFC200 Command Injection Vulnerability (CNVD-2020-16847)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A command injection vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC200. The vulnerability arises from a network system or product not properly filtering special characters, commands,...

WAGO PFC200 Command Injection Vulnerability (CNVD-2020-16842)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A command injection vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC200 03.02.0214. An attacker can exploit this vulnerability to inject OS commands via specially crafted XML cache files...

WAGO PFC200 Stack Buffer Overflow Vulnerability (CNVD-2020-16851)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A stack buffer overflow vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC200 03.02.0214. An attacker could exploit this vulnerability via a specially crafted XML cache file to achieve code...

WAGO PFC200 Command Injection Vulnerability (CNVD-2020-16845)

The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A command injection vulnerability exists in the I/O-Check function of the iocheckd service in the WAGO PFC200. The vulnerability arises from a network system or product not properly filtering special characters, commands,...

CVE-2019-5180

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...

CVE-2019-5179

The CVE-2019-5179 entry concerns the WAGO PFC200 controller with firmware 03.02.02(14). The iocheckd service’s I/O-Check cache parsing (via the file /tmp/iocheckCache.xml) is vulnerable to a stack-based overflow triggered by crafted XML content, enabling code execution. Talos documents multiple c...

CVE-2019-5172

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e840 the extracted ntp value from the xml file is us...

CVE-2019-5167

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/editdnsserver %s dns-server-nr=%d dns-server-name= using...

CVE-2019-5166

An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attack...