ROS-20260515-73-0044

A vulnerability in the implementation of the Resource Timing application programming interface of the Google Chrome browser is associated with incorrect protection of physical third-party channels. Exploitation of the vulnerability could allow a remote intruder to gain unauthorized access to...

The vulnerability of the “Tekon” SCADA system, related to errors in access control, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the “Tekon” SCADA system, related to access control errors. Exploiting this vulnerability could allow an intruder operating remotely to gain unauthorized access to protected information...

The vulnerability of the Share Livestream module in the UniFi Protect video surveillance system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Share Livestream module in the UniFi Protect video surveillance system is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Modbus protocol implementation in Schneider Electric’s programmable logic controllers (PLCs), such as the Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU, allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the Modbus protocol implementation in Schneider Electric’s programmable logic controllers PLCs such as Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU lies in the execution of operations outside the buffer in memory. Exploiting th...

Vulnerability of EVlink City parking charging station software. EVlink Parking and EVlink Smart Wallbox, which exist due to SSRF requests being forged on the server side, allow a remote intruder to perform unintended actions or gain unauthorized access to protected information.

The software vulnerabilities of EVlink City parking stations exist due to SSRF attacks on the server side. Exploiting these vulnerabilities can allow an attacker to perform unintended actions or gain unauthorized access to protected information...

The vulnerability of the KrServerBDdemoRT.exe module of the SCADA system “KRUG-2000” lies in the lack of authentication for a critical function, which allows a intruder to trigger a service failure.

The vulnerability of the KrServerBDdemoRT.exe module of the “KRUG-2000” SCADA system is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow an intruder, operating remotely, to cause service interruptions...

MacOS again appeared vulnerability, known as unbreakable system also has weaknesses-vulnerability warning-the black bar safety net

For convenience of expression, this article will use the first-person manner described. This article describes my in Apple's macOS system kernel found several stack and buffer overflow vulnerabilities, Apple will this several vulnerabilities categorized as the kernel of remote code execution...

Ford, BMW, Infiniti and Nissan TCU presence of a vulnerability, can be remote intrusion-vulnerability warning-the black bar safety net

! Three researchers found that Ford, BMW, Infiniti and Nissan Automatic Transmission Control UnitTCUin the presence of a vulnerability, these TCU are made by Continental AG production. Vulnerability causes The three researchers from McAfee, respectively, is Mickey Shkatov, Jesse, Michael and...

When the network sharp knives of the data stream due to the vulnerability to bypass the egg stream......- Vulnerability warning-the black bar safety net

On Friday, the network sharp knife security team of the rivers and lakes known as the“data stream”of handsome handsome in the Black clouds submitted a vulnerability, in fact, in the clouds on submitted vulnerabilities is also not what big things, but the key is: ! Smart devices small love love...

Cyber thieves ten trick-vulnerability warning-the black bar safety net

Peeping five formula One, you enter the account number when not found behind the eye, someone secretly took down your account. Second, you in the cafe Internet, after the Internet leaves a record, someone with the decryption tool will be your password to unscramble it. Third, you go to repair...

In RedHat 9 on the overflow to obtain root demo-vulnerability warning-the black bar safety net

From recently to be black Server security analysis point of view, I find the user elevated permissions tool. He is using a Samba security vulnerability upgrade in order to ROOT. These days the server because you want to put to the public test, this time also installed a Samba server. The results ...

Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability

Description Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed. Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment. It depends on password protection in order to grant or deny access to resource...

officescan.txt

hi, All of u have certainly seen the possibly general dos attack against OfficeScan just by connecting a client to the port 12345 without sending any TCP FIN packet at the application time-out. After several tests on OfficeScan 3.5, I realized there were numerous other security flaws resulting in...

CVE-1999-0253

Summary: CVE-1999-0253 describes an information-disclosure flaw in IIS 3.0 with the iis-fix hotfix, where remote attackers could disclose ASP source by appending %2e in the URL. Affected product: Microsoft IIS 3.0 (with iis-fix) as documented in Red Hat, NVD/NVD-like records and Nessus entry; mul...