19 matches found
CVE-2026-34021
The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...
CVE-2026-27843
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can...
CVE-2026-27843
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can...
EUVD-2024-19940
Malicious code in bioql PyPI...
CVE-2024-22383
Missing release of resource after effective lifetime CWE-772 in the Controller 7000 resulted in HBUS connected T-Series readers to not automatically recover after coming under attack over the RS-485 interface, resulting in a persistent denial of service. This issue affects: All variants of the...
CVE-2024-22383
CVE-2024-22383 concerns the Gallagher Controller 7000. A missing resource release after its effective lifetime (CWE-772) causes HBUS-connected T-Series readers to fail to recover after an RS-485 attack, yielding a persistent denial of service. Affected are all Controller 7000 variants with versio...
CVE-2024-22383
Missing release of resource after effective lifetime CWE-772 in the Controller 7000 resulted in HBUS connected T-Series readers to not automatically recover after coming under attack over the RS-485 interface, resulting in a persistent denial of service. This issue affects: All variants of the...
CVE-2024-22383
Missing release of resource after effective lifetime CWE-772 in the Controller 7000 resulted in HBUS connected T-Series readers to not automatically recover after coming under attack over the RS-485 interface, resulting in a persistent denial of service. This issue affects: All variants of the...
ECOA Building Automation System Cookie Poisoning / Authentication Bypass Vulnerabilities
ECOA building automation systems suffer from a cookie poisoning vulnerability that allows for authentication bypass. Many versions are affected. ECOA Building Automation System Cookie Poisoning Authentication Bypass Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affected...
GE STXMBS002 RSTi Slice Modbus RS-485 Slave Network Interface Detection
Binary data 755554.prm...
Rockwell Automation ArmorPoint RS-485 ASCII 1738-485ASCM12/A
Binary data 753896.prm...
Rockwell Automation PointIO RS-485 ASCII 1734-485ASC
Binary data 753881.prm...
Emerson 396359-25-6 ControlWave CPU module Detection
Binary data 756535.prm...
ABB SREA-01 Communications Adapter Detection
Binary data 761513.prm...
Emerson 396359-32-9 ControlWave CPU module Detection
Binary data 756536.prm...
Emerson 396359-26-4 ControlWave CPU module Detection
Binary data 756534.prm...
Siemens SIPLUS CB 1241 RS 485 Communications Adapter Detection
Binary data 750139.prm...
ZKTeco ZKAccess Security System 5.3.1 Stored XSS Vulnerability
Summary ZKAccess Systems are built on flexible, open technology to provide management, real-time monitoring, and control of your access control system-all from a browser, with no additional software to install. Our secure Web-hosted infrastructure and centralized online administration reduce your...
ZKTeco ZKAccess Security System 5.3.1 Persistent Cross Site Scripting
i?!-- ZKTeco ZKAccess Security System 5.3.1 Stored XSS Vulnerability Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 5.3.12252 Summary: ZKAccess Systems are built on flexible, open technology to provide...