Lucene search
K

105 matches found

Gitee
Gitee
added 2023/09/08 9:54 a.m.9 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone_Os

CVE-2018-4407 is a heap buffer overflow vulnerability in the XNU operating system kernel, affecting both iOS and macOS. The vulnerability can lead to a denial-of-service DOS attack. The exploit is a simple and fast BOF Buffer Overflow attack that can be launched using the provided Python script...

8.8CVSS7.3AI score0.2201EPSS
Exploits11
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.7 views

CVE-2022-41017

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS9.1AI score0.01837EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.6 views

CVE-2022-41009

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS7.7AI score0.01666EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.7 views

CVE-2022-40993

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS9.1AI score0.01372EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.12 views

CVE-2022-40989

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS8AI score0.01372EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/16 12:0 a.m.5 views

Rockwell Automation MicroLogix 1100和MicroLogix 1400 安全漏洞

The Rockwell Automation MicroLogix 1400 and the Rockwell Automation MicroLogix 1100 are both products of Rockwell Automation, Inc. The Rockwell Automation MicroLogix 1400 and Rockwell Automation MicroLogix 1100 are both products of Rockwell Automation, Inc. The Rockwell Automation MicroLogix 1400...

7.5CVSS7.3AI score0.00678EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/08/05 9:19 p.m.9 views

CVE-2022-27178

A denial of service vulnerability exists in the confctlsetwancfg functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability...

9.6CVSS9.2AI score0.00999EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/06/30 7:6 p.m.11 views

CVE-2022-33329

Multiple command injection vulnerabilities exist in the webserver ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The /ajax/setsystime/...

9.1CVSS7.9AI score0.04251EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.6 views

SAP Netweaver 缓冲区错误漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A memory corruption vulnerability exists in SAP NetWeaver AS for ABAP, which stems from an input validation erro...

7.5CVSS5.7AI score0.01508EPSS
Exploits0References6
CNVD
CNVD
added 2021/01/11 12:0 a.m.4 views

Denial of Service Vulnerability in TP-Link TL-XDR1860 Easy Show Edition

The TL-XDR1860 Easy Show Edition is a wireless router. A denial of service vulnerability exists in the TP-Link TL-XDR1860 Easy Show Edition. An attacker can exploit the vulnerability to cause a denial of service to the target router and its upper tier operator's router by sending a carefully...

7AI score
Exploits0
OSV
OSV
added 2020/12/17 11:15 p.m.4 views

CVE-2020-12521

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot...

6.5CVSS6.6AI score0.00454EPSS
Exploits0References1
Prion
Prion
added 2020/11/30 10:15 p.m.15 views

Input validation

Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...

7.8CVSS7.3AI score0.02117EPSS
Exploits0References2Affected Software12
FreeBSD Advisory
FreeBSD Advisory
added 2020/09/15 12:0 a.m.13 views

FreeBSD-SA-20:27.ure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:27.ure Security Advisory The FreeBSD Project Topic: ure device driver susceptible to packet-in-packet attack Category: core Module: ure Announced: 2020-09-15...

5.3CVSS6.3AI score0.00737EPSS
Exploits0
OSV
OSV
added 2020/08/31 6:15 p.m.5 views

CVE-2020-2075

Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH...

7.5CVSS7.2AI score0.0143EPSS
Exploits0References1
OSV
OSV
added 2020/05/07 1:15 p.m.3 views

CVE-2020-6081

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

8.8CVSS7.9AI score0.01757EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2019/11/05 8:56 p.m.11 views

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

6.5CVSS7AI score0.01827EPSS
Exploits1References4
OSV
OSV
added 2018/05/07 1:29 p.m.11 views

CVE-2018-1313

In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is...

5.3CVSS5.1AI score
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2017/05/15 12:0 a.m.4 views

The vulnerability of the Oracle MySQL database management system allows a hacker to trigger a service failure.

The vulnerability of the MySQL Server component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause the system to become unresponsive or to crash through network packets...

4CVSS6.8AI score0.02335EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2016/08/07 4:59 p.m.8 views

CVE-2016-5354

The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.9CVSS7.2AI score
Exploits0References7
OSV
OSV
added 2016/05/01 1:59 a.m.1 views

DEBIAN-CVE-2016-4421

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service deep recursion, stack consumption, and application crash via a packet that specifies deeply nested data...

5.9CVSS6.3AI score0.01354EPSS
Exploits0References1
Rows per page
Query Builder