138 matches found
CVE-2026-26284
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD Photo CD files. The decoder contains an function that has an incorrect...
EUVD-2017-9382
Malware in sbrugna...
EUVD-2017-18559
Malware in sbrugna...
EUVD-2022-53463
Malicious code in bioql PyPI...
CVE-2022-30319
Saia Burgess Controls SBC PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls SBC PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The potential impact is:...
CVE-2022-32266
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI handler used by the...
Medium: python-pillow
Issue Overview: Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library PIL 1.1.7 and earlier allows remote attackers to cause a denial of service crash via a crafted PhotoCD file. CVE-2016-2533 Affected Packages: python-pillow Note: This...
Important: ImageMagick
Issue Overview: Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service segmentation fault or possibly execute arbitrary code via vectors involving the offset variable. CVE-2016-5841 ImageMagick 7.0.7-12 Q16, a CPU exhaustion...
SUSE CVE-2017-18251
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file...
SUSE CVE-2018-14435
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c...
CVE-2022-32266
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI handler used by the...
CVE-2022-30319
Saia Burgess Controls SBC PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls SBC PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The potential impact is:...
CVE-2022-30319
Saia Burgess Controls SBC PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls SBC PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The potential impact is:...
CVE-2022-30320
The CVE-2022-30320 entry concerns Saia Burgess Controls (SBC) PCD and its S-Bus authentication over UDP (5050). The root cause is use of a CRC-16 based hash for password verification in the S-Bus write-byte authentication, which is not cryptographically secure. Reported impact is authentication b...
CVE-2022-30320
Saia Burgess Controls SBC PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls SBC PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The...
Honeywell Saia Burgess PG5 PCD
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable on adjacent network/low attack complexity Vendor: Honeywell Equipment: Saia Burgess PG5 PCD Vulnerabilities: Authentication Bypass, Use of a Broken or Risky Cryptographic Algorithm CISA is aware of a public report known as “OT:ICEFALL” that...
Honeywell Saia Burgess PG5 PCD 加密问题漏洞
The Honeywell Saia Burgess PG5 PCD is a Honeywell USA solution that includes SBC Instrumentation, Control, and Automation ICA device implementation and operational automation. A cryptographic issue vulnerability exists in all versions of the Honeywell Saia Burgess PG5 PCD that stems from a...
CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report
CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...
PT-2022-3082 · Saia Burgess Controls · Saia Burgess Controls Pcd
Name of the Vulnerable Software and Affected Versions: Saia Burgess Controls SBC PCD through 2022-05-06 Description: The issue concerns an authentication bypass in the S-Bus protocol used by Saia Burgess Controls SBC PCD controllers. The S-Bus protocol, which operates on UDP port 5050, is utilize...
Honeywell Saia Burgess PG5 PCD Authentication Bypass Using an Alternate Path or Channel (CVE-2022-30319, CVE-2022-30320)
The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...