CVE-2026-39312 Pre-Auth EAP-TLS DoS on SoftEther VPN Developer Edition

SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 and likely earlier versions of Developer Edition. An unauthenticated remote attacker can cra...

Your MRI is Online: The Hidden Risks of Exposed DICOM Servers in UK Healthcare

Hospitals invest heavily in physical security: Clinical areas are access-controlled, sensitive rooms are locked, and patient records are governed by strict handling procedures. Network exposure does not always receive the same level of scrutiny. Rapid7 Labs identified more than 30 UK-based system...

CVE-2025-40944

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...

CVE-2025-65805

OpenAirInterface CN5G AMF=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF...

PT-2025-38491

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a proprietary protocol on TCP port 1069 for management operations, including modifying system properties. The user managemen...

CVE-2022-36601

The Eclipse TCF debug interface in JasMiner-X4-Server-20220621-090907 and below is open on port 1534. This issue allows unauthenticated attackers to gain root privileges on the affected device and access sensitive data or execute arbitrary commands...

CVE-2024-29969

When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082...

Webmin和Virtualmin 安全漏洞

Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community.Virtualmin is a powerful and flexible Web hosting control panel for Linux and BSD systems from Virtualmin, Inc. A security vulnerability exists in Webmin versions prior to 2.2...

PT-2024-14131 · Dji · Dji Vtwo Sdk +9

Name of the Vulnerable Software and Affected Versions: DJI Mavic 3 Pro versions prior to v01.01.0300 DJI Mavic 3 versions prior to v01.00.1200 DJI Mavic 3 Classic versions prior to v01.00.0500 DJI Mavic 3 Enterprise versions prior to v07.01.10.03 DJI Matrice 300 versions prior to v57.00.01.00 DJI...

YahooPOPs Security Vulnerabilities

YahooPOPs is an application from YahooPOPs that emulates a POP3/SMTP mail server and provides free POP3 and SMTP access to Yahoo! A security vulnerability exists in YahooPOPs version 1.6, which originates when the POP3 service allows remote denial of service via a long string on port 110 TCP...

Vulnerabilities fixed in Fortinet FortiNAC

Fortinet has fixed vulnerabilities in FortiNAC. A unauthenticated malicious person could exploit the vulnerabilities to execute arbitrary code or manipulate files on the FortiNAC system. This requires malicious network traffic must be sent to TCP port 1050 or 5555. Fortinet has released updates t...

CVE-2020-25228

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...

PT-2020-14628 · Siemens · Sinumerik 840D Sl +2

Name of the Vulnerable Software and Affected Versions: SIMATIC S7-300 CPU family incl. related ET200 CPUs and SIPLUS variants All versions SIMATIC TDC CPU555 All versions SINUMERIK 840D sl All versions Description: A Denial-of-Service issue has been identified, which can be triggered by sending...

The vulnerability of the communication module processors in the SIMATIC S7-300 CPU family and the SINUMERIK 840D controller allows a intruder to trigger a service failure.

The vulnerability of the communication module processors in the SIMATIC S7-300 CPU family and the SINUMERIK 840D controller is related to uncontrolled resource consumption exhaustion. Exploiting this vulnerability can allow an attacker to trigger a service failure through specially created packet...

The vulnerability of microprogrammed software in Siemens Simatic S7-400 programmable logic controllers is related to errors in checking input data by Ethernet, PROFIBUS, and MPI interfaces. This allows a malicious actor to trigger a service failure.

The vulnerability of microprogrammed programmable logic controllers from Siemens Simatic S7-400 is related to errors in the validation of input data by Ethernet, PROFIBUS, and MPI interfaces. Exploiting this vulnerability can allow an attacker to cause maintenance failures by sending a specially...

The vulnerability of microprogrammed software in Siemens Simatic S7-1200 programmable logic controllers arises from the exceeding of specified resource limits. This allows a malicious entity to exhaust available network connections and cause failures in the device’s network communication capabilities.

The vulnerability of Siemens Simatic S7-1200 programmable logic controllers’ microprogramming software is related to the overuse of resources. Exploiting this vulnerability can allow an attacker to exhaust available network connections and cause failures in the device’s network communication by...

Siemens TIM 1531 IRC Authentication Vulnerability

The Siemens TIM 1531 IRC is a communication module from Siemens, Germany. A security vulnerability exists in the Siemens TIM 1531 IRC prior to version 2.0, which originates from the device failing to properly authenticate itself when connecting on port 102/tcp. An attacker could use this...

CVE-2018-11452

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet...

CVE-2017-12741

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually...

DEBIAN-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory consumption with no subsequent free via a...