Lucene search
+L

138 matches found

ptsecurity
ptsecurity
added 2023/01/26 12:0 a.m.7 views

PT-2023-14127 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: Several OS command injection vulnerabilities exist in the m2m binary. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network...

9.8CVSS9.9AI score0.03499EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2023/01/26 12:0 a.m.10 views

PT-2023-14125 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue concerns OS command injection vulnerabilities in the m2m binary. A specially-crafted network request can lead to arbitrary command execution. An attacker can exploit th...

9.8CVSS9.9AI score0.03233EPSS
Exploits0References2
osv
osv
added 2022/08/26 11:4 a.m.3 views

OESA-2022-1872 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not...

6.7CVSS7.9AI score0.00155EPSS
Exploits0References2
osv
osv
added 2022/08/11 3:15 p.m.1 views

DEBIAN-CVE-2022-20369

In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...

6.7CVSS6.7AI score0.00155EPSS
Exploits0References1
cnvd
cnvd
added 2022/03/30 12:0 a.m.25 views

EMQ X User Enumeration Vulnerability

EMQ X is a fully open source, highly scalable and highly available distributed MQTT messaging agent for IoT, M2M and mobile applications. Suitable for IoT, M2M and mobile applications EMQ programs can handle tens of millions of concurrent clients. EMQ X Dashboard version V3.0.0 contains a user...

5.3CVSS2.6AI score0.00855EPSS
Exploits1References1
osv
osv
added 2021/06/01 8:15 p.m.0 views

DEBIAN-CVE-2020-22038

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ffv4l2m2mcreatecontext function in v4l2m2m.c...

6.5CVSS6.4AI score0.01002EPSS
Exploits1References1
osv
osv
added 2021/06/01 8:15 p.m.2 views

UBUNTU-CVE-2020-22038

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ffv4l2m2mcreatecontext function in v4l2m2m.c...

6.5CVSS6.7AI score0.01002EPSS
Exploits1References5
cnnvd
cnnvd
added 2021/06/01 12:0 a.m.5 views

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video. A security vulnerability exists in FFmpeg that originates from a memory leak in the ffv4l2m2mcreatecontext function of v4l2m2m.c. The vulnerability can be exploited to cause a denial of service. An attacker can...

6.5CVSS5.7AI score0.01002EPSS
Exploits1References5
osv
osv
added 2019/01/31 5:29 p.m.3 views

CVE-2018-17926

The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...

4.3CVSS5.8AI score0.00787EPSS
Exploits0References2
nvd
nvd
added 2019/01/31 5:29 p.m.22 views

CVE-2018-17926

The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...

4.3CVSS4.7AI score0.00787EPSS
Exploits0References2
prion
prion
added 2019/01/31 5:29 p.m.14 views

Authentication flaw

The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...

3.3CVSS4.7AI score0.00787EPSS
Exploits0References2Affected Software2
cvelist
cvelist
added 2019/01/31 5:0 p.m.22 views

CVE-2018-17926

The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...

4.8AI score0.00787EPSS
Exploits0References2
cve
cve
added 2019/01/31 5:0 p.m.65 views

CVE-2018-17926

Summary of CVE-2018-17926 (ABB M2M ETHERNET) Vulnerability: Improper authentication (CWE-287) in ABB M2M ETHERNET devices allows an attacker to upload a malicious language file by bypassing user authentication. Affected products/versions: M2M ETHERNET with FW 2.22 and prior and ETH-FW 1.01 and pr...

4.3CVSS4.7AI score0.00787EPSS
Exploits0References2Affected Software2
threatpost
threatpost
added 2019/01/09 5:35 p.m.16 views

The Promise and Peril of 5G

The next generation of mobile cellular technology known as fifth-generation wireless 5G is hitting a peak in the hype cycle, emerging as a major theme/5G.aspx at the Consumer Electronics Show CES this week. Wireless carriers are investing billions of dollars into the technology, which requires a...

7.3AI score
Exploits0References19
openvas
openvas
added 2018/12/20 12:0 a.m.61 views

ABB M2M ETHERNET Detection

Detection of ABB M2M ETHERNET. The script sends a connection request to the server and attempts to detect ABB M2M ETHERNET and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...

7.2AI score
Exploits0References1
cnvd
cnvd
added 2018/12/19 12:0 a.m.2 views

ABB M2M ETHERNET Improper Authentication Vulnerability

ABB M2M ETHERNET is a network analysis device from ABB Switzerland. An authorization issue vulnerability exists in ABB M2M ETHERNET FW version 2.22 and earlier and ETH-FW version 1.01 and earlier. An attacker can exploit this vulnerability to upload malicious language files...

4.3CVSS7AI score0.00787EPSS
Exploits0References1
ics
ics
added 2018/12/18 12:0 a.m.79 views

ABB M2M ETHERNET

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...

4.3CVSS5AI score0.00787EPSS
Exploits0References5
trendmicroblog
trendmicroblog
added 2018/12/04 1:5 p.m.24 views

Parlez-vous Machine?

Have you ever heard of the MQTT or CoAP protocols? No? Well the device on your wrist, and so many devices around you, could be using them right now. MQTT and CoAP are machine-to-machine or M2M protocols. With the rise of the internet of things IoT and operational technology OT, there’s increased...

Exploits0
osv
osv
added 2018/08/10 7:29 p.m.5 views

CVE-2018-14784

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device...

6.1CVSS6AI score0.00977EPSS
Exploits0References2
prion
prion
added 2018/08/10 7:29 p.m.16 views

Cross site request forgery (csrf)

NetComm Wireless G LTE Light Industrial M2M Router NWL-25 with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely...

6.8CVSS8.6AI score0.0067EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder