EUVD-2022-55996

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower with VG4.2 partially affected contain a network message handling vulnerability that allows remote attackers to inject spoofed or tampered data and cause denial-of-service condition...

CVE-2022-4992

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower with VG4.2 partially affected contain a network message handling vulnerability that allows remote attackers to inject spoofed or tampered data and cause denial-of-service condition...

CVE-2019-25719 Dräger Infinity M540 VG4.1.1 Spoofing and DoS via Network Message Handling

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow network-adjacent attackers to spoof or tamper with data and cause denial-of-service conditions. Attacke...

PT-2026-45739

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow network-adjacent attackers to spoof or tamper with data and cause denial-of-service conditions. Attacke...

EUVD-2026-27688

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

CVE-2026-43125

CVE-2026-43125 affects the Linux kernel dlm module. The vulnerability stems from unvalidated length in dlm_dump_rsb_name() coming from network messages, allowing an out-of-bounds write in dlm_search_rsb_tree() when the length exceeds DLM_RESNAME_MAXLEN. This could enable denial of service and, in...

PT-2026-37037

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006976)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006976 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a struct...

PT-2026-09: Process termination caused by a VnetIP message in Yokogawa Centum VP

The vulnerability was identified in Centum VP, versions R1.07.00 or earlier. The discovered vulnerability allows an attacker to to cause the ywnvpcore process to terminate by sending a crafted VnetIP message. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 13.02.2026...

CVE-2021-22802

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector dc.ex...

EUVD-2019-5318

Malware in sbrugna...

EUVD-2021-9959

Malicious code in bioql PyPI...

EUVD-2021-9958

Malicious code in bioql PyPI...

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network...

CVE-2021-22824

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector dc.exe...

CVE-2014-125036

A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done within the local...

CVE-2010-2978

Cisco Unified Wireless Network UWN Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660...

Alibaba Cloud Linux 3 : 0083: unbound (ALINUX3-SA-2021:0083)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0083 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-12662: Unbound before 1.10.1 has...

PT-2024-36457 · Quectel · Quectel Bc25

Name of the Vulnerable Software and Affected Versions: Quectel BC25 version BC25PAR01A06 Description: The issue allows attackers to bypass authentication via a crafted NAS message. It is noted that Quectel disputes this because the issue is in the chipset supply chain and is not localized to one ...

K37661551: Unbound DNS Cache vulnerabilities CVE-2020-12662 and CVE-2020-12663

Security Advisory Description CVE-2020-12662 Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. CVE-2020-12663 Unbound before 1.10.1 has an infinite loop via malformed DNS answer...