15 matches found
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
CVE-2025-66624 BACnet-stack MS/TP reply matcher OOB read
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. Prior to 1.5.0.rc2, The npduisexpectedreply function in src/bacnet/npdu.c indexes requestpduoffset+2/3/5 and replypduoffset+1/2/4 without verifying that those APDU...
EUVD-2025-14681
Malicious code in bioql PyPI...
EUVD-2025-14857
Malicious code in bioql PyPI...
CVE-2025-24510
A vulnerability has been identified in MS/TP Point Pickup Module All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service...
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
CVE-2025-40556
The CVE-2025-40556 vulnerability affects Siemens BACnet ATEC devices (550-440, 550-441, 550-445, 550-446). Affected systems improperly handle specific BACnet MSTP messages, enabling an attacker on the same BACnet network to send crafted MSTP traffic that causes a denial of service, recoverable on...
CVE-2025-24510
A vulnerability has been identified in MS/TP Point Pickup Module All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service...
CVE-2025-24510
The CVE-2025-24510 affects Siemens MS/TP Point Pickup Module (all versions). Affected devices improperly handle certain BACnet MSTP messages, enabling an attacker on the same BACnet network to craft an MSTP message that triggers a denial-of-service, requiring a power cycle to recover. Total impac...
CVE-2025-24510
A vulnerability has been identified in MS/TP Point Pickup Module All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service...
CVE-2024-30380
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a Denial of Service DoS, which causes the l2cpd process to crash by sending a specific TLV. The l2cpd process is responsible for laye...
CVE-2024-30380
CVE-2024-30380 affects Junos OS and Junos OS Evolved. An adjacent, unauthenticated attacker can trigger a DoS by sending a specific TLV that crashes the l2cpd process, reinitializing STP/RSTP/MSTP/VSTP, MVRP and ERP. Affected versions are: Junos OS: before 20.4R3-S9; 21.2 before 21.2R3-S7; 21.3 b...
CVE-2024-21618 Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes
An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon l2cpd of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms, when LLDP is...