CVE-2025-48735

CVE-2025-48735 concerns BOS IPCs where firmware before 21.45.8.2.3_230220 is vulnerable to a SQL injection in the request body processing. The affected component is the BOS IPCs firmware stack (versions from 21.45.8.2.2_220219 up to, but not including, 21.45.8.2.3_230220). The root cause is impro...

BOS IPCs SQL注入漏洞

BOS IPCs is a family of sensors from BOS. A SQL injection vulnerability exists in versions prior to BOS IPCs 21.45.8.2.3230220, which stems from improper handling of the request body and could lead to SQL injection...

CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

Design/Logic Flaw

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

CVE-2023-33757

CVE-2023-33757 affects Splicecom iPCS: iOS app v1.3.4, iPCS2 for iOS v2.8 and earlier, and Android iPCS v1.8.5 and earlier suffer from insufficient SSL certificate validation, enabling attackers to perform man-in-the-middle disruption and eavesdropping on communications. Root cause is a lack of p...

Splicecom iPCS Security Vulnerability

Splicecom iPCS is an IP telephony software. A security vulnerability exists in Splicecom iPCS that stems from a lack of SSL certificate validation...

CVE-2023-33757

A lack of SSL certificate validation in Splicecom iPCS iOS App v1.3.4, iPCS2 iOS App v2.8 and before, and iPCS Android App v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack...

Siemens SIMATIC IPCs

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

openSUSE: Security Advisory for util-linux (openSUSE-SU-2021:1440-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for util-linux (moderate)

openSUSE Security Update: Security update for util-linux Announcement ID: openSUSE-SU-2021:1440-1 Rating: moderate References: 1122417 1125886 1178236 1188921 Cross-References: CVE-2021-37600 CVSS scores: CVE-2021-37600 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37600 SUSE: 5...

CVE-2020-12510

The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for...

Default configuration

The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for...

CVE-2020-12510

CVE-2020-12510 concerns Beckhoff’s TwinCAT XAR 3.1. The default installation path is C:\TwinCAT, and if this directory (or subdirectories) does not exist they are created with permissions that allow any local user to modify contents. TcSysUI.exe is registered for automatic execution on user login...

Siemens CP 1616 Onboard card of SIMATIC IPCs Communications Adapter Detection

Binary data 762019.prm...

Siemens Intel Active Management Technology of SIMATIC IPCs

1. EXECUTIVE SUMMARY CVSS v3 6.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Intel Active Management Technology AMT of SIMATIC IPCs Vulnerabilities: Cryptographic Issues, Improper Restriction of Operations within the Bounds of a Memory Buffer, Resource...

Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64

The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. Multiple flaws were found in the way the mount and umount commands performed mtab mounted file systems table file updates. A local, unprivileged user allow...

RedHat Update for util-linux-ng RHSA-2011:1691-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...