Lucene search
K

138 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.23 views

ABB M2M Gateway Arbitrary Code Execution in embedded OpenSSH (CVE-2016-10009)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.5AI score0.37431EPSS
Exploits4References43
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.27 views

ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-2828)

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS7AI score0.03776EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.30 views

ABB M2M Gateway Use-After-Free in embedded Linux Kernel (CVE-2022-3564)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

7.1CVSS6.2AI score0.0129EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.23 views

ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2022-2795)

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. This plugin only works with Tenable.ot. Please visit...

5.3CVSS6.5AI score0.01495EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.12 views

ABB M2M Gateway Stack Overflow in embedded Linux Kernel (CVE-2022-4378)

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. This plugin only works with Tenable.ot. Please visit...

7.8CVSS6.5AI score0.00431EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.8 views

ABB M2M Gateway Information Disclosure in embedded Python (CVE-2023-24329)

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

7.5CVSS7AI score0.20459EPSS
Exploits3References57
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.23 views

ABB M2M Gateway Arbitrary Code Execution in embedded Linux Kernel for some AMD CPUs (CVE-2021-26401)

LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503249;...

5.6CVSS6.9AI score0.74041EPSS
Exploits9References5
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.10 views

ABB M2M Gateway Heap Overflow in embedded Zlib (CVE-2022-37434)

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

9.8CVSS6.9AI score0.16004EPSS
Exploits1References56
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.14 views

ABB M2M Gateway Out-Of-Bound Memory Read/Write in embedded Libssh2 (CVE-2020-22218)

An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; i...

7.5CVSS6.6AI score0.00914EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.37 views

ABB M2M Gateway Out-Of-Bound Write in embedded Apr-util (CVE-2022-25147)

Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util 1.6.1 and prior versions. This plugin only works with Tenable.ot. Plea...

6.5CVSS6.4AI score0.0616EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.8 views

ABB M2M Gateway Use-After-Free in embedded Libexpat (CVE-2022-40674)

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503230;...

8.1CVSS7.4AI score0.0176EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.28 views

ABB M2M Gateway Memory Leak in embedded Bind (CVE-2022-38177)

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. This plugin only works with Tenable.ot. Please visit...

7.5CVSS6.6AI score0.02299EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/05/23 2:40 a.m.9 views

CVE-2023-23575

Improper access control vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker to bypass access restriction and access Network Maintenance page, which may result in obtaining the network information of the product. The affected products and versions are as follows:...

4.3CVSS6.5AI score0.00694EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/27 3:5 a.m.3 views

SUSE CVE-2022-49502

In the Linux kernel, the following vulnerability has been resolved: media: rga: fix possible memory leak in rgaprobe rga-m2mdev needs to be freed when rgaprobe fails...

3.3CVSS6.5AI score0.00245EPSS
Exploits0References7
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49502

In the Linux kernel, the following vulnerability has been resolved: media: rga: fix possible memory leak in rgaprobe rga-m2mdev needs to be freed when rgaprobe fails...

5.5CVSS5.5AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.4 views

UBUNTU-CVE-2022-49502

In the Linux kernel, the following vulnerability has been resolved: media: rga: fix possible memory leak in rgaprobe rga-m2mdev needs to be freed when rgaprobe fails...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/10/07 12:0 a.m.24 views

CVE-2024-44068

An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation...

6.9AI score0.01031EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.7 views

PT-2024-7506 · Samsung · Samsung Exynos

Name of the Vulnerable Software and Affected Versions: Samsung Exynos versions 9820 through 9825 Samsung Exynos versions 980 through 990 Samsung Exynos version 850 Samsung Exynos version W920 Description: The issue is related to a use-after-free vulnerability in the m2m scaler driver of Samsung...

8.1CVSS7.9AI score0.01031EPSS
Exploits1References44
VulnCheck KEV
VulnCheck KEV
added 2024/10/07 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-44068

An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation...

8.1CVSS5.8AI score0.01031EPSS
Exploits1References1
CVE
CVE
added 2024/10/07 12:0 a.m.69 views

CVE-2024-44068

The CVE-2024-44068 issue affects Samsung Exynos devices (M2M scaler driver in Mobile Processor and Wearable Processor families: Exynos 9820/9825/980/990/850/W920). Root cause: use-after-free in the m2m scaler driver leading to privilege escalation. Impact: arbitrary code execution with high confi...

8.1CVSS7.1AI score0.01031EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder