14782 matches found
CVE-2023-7343
Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...
CVE-2023-7343 Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File
Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...
CVE-2023-7343
Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...
CVE-2023-7343 Belden Industrial HiVision Arbitrary Code Execution via Malicious Project File
Hirschmann Industrial HiVision versions 05.0.00 through 08.3.01 prior to 08.3.02 contain an arbitrary code execution vulnerability triggered when an administrator opens a maliciously crafted project file. Successful exploitation allows the attacker to execute code in the context of the HiVision...
CVE-2023-7342
HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this fla...
CVE-2023-7342
HiSecOS web server versions 03.4.00 prior to 04.1.00 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this fla...
CVE-2023-7342
HiSecOS web server has a privilege-escalation flaw that allows authenticated users with operator or auditor roles to elevate to administrator by sending specially crafted packets to the web server, potentially granting full administrative control of the device. The available documents provide det...
SUSE CVE-2026-35092
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
Belden HiSecOS 安全漏洞
Belden HiSecOS is an operating system for industrial security routers developed by the American company Belden. There were security vulnerabilities in versions of the Belden HiSecOS web server prior to 08.3.02. These vulnerabilities stemmed from a permission escalation issue when specially crafte...
PT-2026-29867
Name of the Vulnerable Software and Affected Versions HiSecOS web server versions 03.4.00 through 04.0.99 Description HiSecOS web server versions 03.4.00 through 04.0.99 contain a privilege escalation flaw. Authenticated users with operator or auditor roles can escalate their privileges to the...
Linux Distros Unpatched Vulnerability : CVE-2026-35092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send...
UBUNTU-CVE-2026-35092
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
CVE-2026-35092
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
CVE-2026-35092
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
CVE-2026-24028 Out-of-bounds read when parsing DNS packets via Lua
An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential...
CVE-2026-24028
CVE-2026-24028 affects dnsdist, a DNS load balancer. The issue arises when custom Lua code parses DNS packets with newDNSPacketOverlay, causing an out-of-bounds read that can crash the process and potentially disclose memory. Connected advisories confirm the vulnerability and list it among multip...
CVE-2025-49010
A flaw was found in OpenSC, an open source smart card tools and middleware. An attacker with physical access to the computer, at the time a user or administrator uses a token, can exploit this vulnerability. By presenting specially crafted responses to Application Protocol Data Units APDUs from a...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...
Incorrect Privilege Assignment
Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...