118 matches found
Design/Logic Flaw
The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources...
CVE-2021-43988 ICSA-22-109-03 FANUC ROBOGUIDE Simulation Platform
The affected product is vulnerable to a network-based attack by threat actors utilizing crafted naming conventions of files to gain unauthorized access rights...
CVE-2021-43988
CVE-2021-43988 affects FANUC ROBOGUIDE (simulation platform). The vulnerability is a path traversal issue (improper restriction of pathnames) in ROBOGUIDE versions
CVE-2021-43933
The CVE-2021-43933 entry maps to FANUC ROBOGUIDE Simulation Platform. Affected is ROBOGUIDE versions v9.40083.00.05 (Rev T) and earlier. The issue is Uncontrolled Resource Consumption (CWE-400) leading to a DoS via network-based requests that exhaust heap memory resources. ICSA-22-109-03 notes re...
CVE-2021-43933 ICSA-22-109-03 FANUC ROBOGUIDE Simulation Platform
The affected product is vulnerable to a network-based attack by threat actors sending unimpeded requests to the receiving server, which could cause a denial-of-service condition due to lack of heap memory resources...
CVE-2021-43990
The CVE-2021-43990 entry concerns FANUC ROBOGUIDE, a robot simulation software. Affected product: ROBOGUIDE versions including v9.40083.00.05 and earlier. Vulnerability type: XML External Entity Reference (XXE) in XML payload handling, allowing a crafted malicious XML to trigger an external entit...
CVE-2021-43990 ICSA-22-109-03 FANUC ROBOGUIDE Simulation Platform
The affected product is vulnerable to a network-based attack by threat actors supplying a crafted, malicious XML payload designed to trigger an external entity reference call...
PT-2022-11968 · Fanuc · Roboguide
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves a network-based attack where threat actors supply a crafted, malicious XML payload. This payload is designed to trigger an external...
CVE-2021-35628
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-31368 Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of-band management port receives a flood of traffic
An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipte...
CVE-2021-38162
SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC - 7.22, 7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83 processes allow an unauthenticated attacker to submit a malicious crafted request over a network to a front-end server which may,...
Design/Logic Flaw
An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of...
Authentication flaw
Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located...
The vulnerability of the InnoDB component of the MySQL Database Server allows an attacker to cause service failures or gain privileged access.
The vulnerability of the InnoDB component in the MySQL Database Management System is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service failures or gain privileged access through network packets...
PT-2021-3088 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server (affected versions not specified). Description: The vulnerability in Microsoft SharePoint Server is related to insufficient input sanitization, allowing a remote attacker to execute arbitrary code. In a network-based...
Input validation
The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS, has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHCPv6 message allowing an attacker to...
CVE-2020-15061
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...
CVE-2020-6986
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result...
CVE-2019-1010275
Helm before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were allowed. The component is: helm many files updated, see...
CVE-2018-19982
An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP Server Controller HUB Node products which are controlled by HUB. The prerequisite is that the attacker is on the same network as the target HUB, and can use I...