829 matches found
Buffer overflow
Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...
CVE-2021-22659
Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...
CVE-2021-22659
Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...
PT-2021-15157 · Rockwell Automation · Micrologix 1400
Name of the Vulnerable Software and Affected Versions: Rockwell Automation MicroLogix 1400 versions 21.6 and below Description: The issue allows a remote unauthenticated attacker to send a specially crafted Modbus packet, enabling the retrieval or modification of random values in the register...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.500.9.3.el7 - net/rds: Reject error code change Ka-Cheong Poon Orabug: 32577425 - PCI: hotplug: Add module parameter to allow user control of LEDs James Puthukattukaran Orabug: 32577399 - net/rds: increase 1MB MR pool size for RDS Manjunath Patil Orabug: 32577394...
csas.china-led.net Cross Site Scripting vulnerability OBB-1454515
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
led-sport-light.com Cross Site Scripting vulnerability OBB-1438066
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
the-led-lamp.com Cross Site Scripting vulnerability OBB-1406771
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
led-downlight.com Cross Site Scripting vulnerability OBB-1406716
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
The vulnerability of the Intel LED Manager for NUC software, related to authentication deficiencies, allows a hacker to trigger a service failure.
The vulnerability of the Intel LED Manager for NUC software-related lighting control systems is related to authentication deficiencies. Exploiting this vulnerability could allow an attacker to cause malfunctions in the system’s operation...
CVE-2020-17382
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow 0x80102040, 0x80102044, 0x80102050,and 0x80102054. Recent assessments: bwatters-r7 at September 09, 2020 6:09pm UTC reported: This is a vulnerability in the MSI AmbientLink Version 1.0.0.8. The vulnerability allows a regular user...
CVE-2020-8685
Improper authentication in subsystem for Intel R LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access...
CVE-2020-8685
Improper authentication in subsystem for Intel R LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access...
CVE-2020-8685
Intel® LED Manager for NUC before version 1.2.3 contains an improper authentication vulnerability that may allow a privileged local user to trigger a denial of service. The Intel advisory Intel‑SA‑00376 confirms affected versions and recommends updating to 1.2.3 or later. CVSSv3.1 base score 4.4 ...
CVE-2020-8685
Improper authentication in subsystem for Intel R LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access...
Intel® LED Manager for NUC Advisory
Summary: A potential security vulnerability in the Intel® LED Manager for NUC may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-8685 Description: Improper authentication in subsystem for Intel R LED...
led-lichterketten-test.de Cross Site Scripting vulnerability OBB-1245818
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Low-power Bluetooth (BLE) connectivity vulnerability in LED smart bulbs at Foshan Electric Lighting Co.
LED smart light bulb is a new technology light source, which has the advantages of beauty, fashion, energy saving, environmental protection, safety and so on, and it can be controlled by intelligent devices. Foshan Electric Lighting Co., Ltd LED smart bulb there is a low-power Bluetooth BLE...
Applied ThreadFix: Getting the Most Out of Your Training Investment
As we talked about in an earlier blog post, secure coding training for developers can be expensive. Knowledgeable individuals who are adept at training are relatively rare. Quality training materials are expensive to develop and maintain. For these reasons, solid commercial instructor-led trainin...
CVE-2019-18980
On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. Th...