19 matches found
CVE-2026-36605
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...
EUVD-2026-34144
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...
CVE-2025-40944
A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...
PT-2025-41919
Name of the Vulnerable Software and Affected Versions Web Server affected versions not specified Description A denial-of-service issue exists due to a high volume of requests sent to the web server. This can lead to a system crash, requiring a power cycle for recovery and webpage utilization. The...
EUVD-2019-16365
Malware in sbrugna...
EUVD-2025-24828
Malicious code in bioql PyPI...
EUVD-2025-24830
Malicious code in bioql PyPI...
CVE-2025-9042
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9041
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9041 Rockwell Automation FLEX 5000 I/O - Module Fault
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9041 Rockwell Automation FLEX 5000 I/O - Module Fault
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2021-34144
The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMPSCOLinkRequest packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections disabling the AB5301A inqui...
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
CVE-2025-24510
A vulnerability has been identified in MS/TP Point Pickup Module All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service...
CVE-2025-24510
The CVE-2025-24510 affects Siemens MS/TP Point Pickup Module (all versions). Affected devices improperly handle certain BACnet MSTP messages, enabling an attacker on the same BACnet network to craft an MSTP message that triggers a denial-of-service, requiring a power cycle to recover. Total impac...
CVE-2025-24341
A vulnerability in the web application of ctrlX OS allows a remote authenticated low-privileged attacker to induce a Denial-of-Service DoS condition on the device via multiple crafted HTTP requests. In the worst case, a full power cycle is needed to regain control of the device...
CVE-2020-7524
Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller V5.0.0.7 and prior which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4...
siemens.ipphone.txt
From: Michal Zalewski Subject: Another thingy. To: [email protected] -- Standard disclaimer applies. I am speaking as a private person, -- and doing it in completely informal way, which shouldn't be interpreted -- in any other way but as my personal opinions and beliefs, which don't have ...
Cisco HTTP possible bug:
If you have: ip http server in your running config not a great idea to have on a live router IMO on your router and you do: http://router-ip/ it crashes said router. I confirmed this on my 1005 running 11.124 and another fellow said it worked on his 2621 and 2524. Though he didnt give IOS version...