Lucene search
K

1886 matches found

BDU FSTEC
BDU FSTEC
added 2019/02/26 12:0 a.m.4 views

Siemens’ network software vulnerabilities, related to insufficient validation of input data, allow attackers to trigger service interruptions.

The vulnerability of Siemens network software is related to insufficient validation of input data in the Ethernet segment. Exploiting this vulnerability can allow attackers to cause failures in certain services by sending specially crafted PROFINET DCP broadcast packets...

6.5CVSS6.5AI score0.00469EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2019/02/12 12:0 a.m.3 views

The vulnerability of the `assign_file_positions_for_non_load_sections` function in the GNU Binutils development environment allows a attacker to trigger a service failure.

The vulnerability of the assignfilepositionsfornonloadsections function in the GNU Binutils development environment is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure by using an ELF file with a RELRO segment that lacks...

5.5CVSS6.4AI score0.01532EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/02/12 12:0 a.m.5 views

The vulnerability of the elf_parse_notes function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the elfparsenotes function in the GNU Binutils development toolset is related to errors in accessing data beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to cause service failures by using an ELF file with a NOTES segment having a larg...

5.5CVSS6.6AI score0.02209EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2019/02/07 12:0 a.m.18 views

The vulnerability of Siemens’ PROFINET DCP software, related to insufficient validation of input data, allows a intruder to trigger a service failure.

The vulnerability of Siemens’ PROFINET DCP software is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures in the local Ethernet segment using specially crafted PROFINET DCP packets...

6.5CVSS6.9AI score0.00906EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2019/01/29 12:29 a.m.1 views

DEBIAN-CVE-2019-7149

A heap-based buffer over-read was discovered in the function readsrclines in dwarfgetsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm...

6.5CVSS7AI score0.02212EPSS
Exploits1References1
MariaDBUnix
MariaDBUnix
added 2019/01/16 7:0 p.m.30 views

CVE-2019-2503

Disclaimer: This data contains information about vulnerable...

6.4CVSS7.9AI score0.02487EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/01/16 12:0 a.m.36 views

CVE-2019-2503

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical...

6.4CVSS6.7AI score0.02487EPSS
Exploits0References3
Veracode
Veracode
added 2019/01/15 9:3 a.m.29 views

Privilege Escalation

kernel-rt is vulnerable to privilege escalation attacks. The vulnerability exists as arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to gain privileges by triggering an IRET...

7.8CVSS7.4AI score0.01504EPSS
Exploits8References25Affected Software1
NVD
NVD
added 2019/01/09 11:29 p.m.13 views

CVE-2018-16197

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device...

6.5CVSS6.4AI score0.00503EPSS
Exploits0References2
NVD
NVD
added 2019/01/09 11:29 p.m.20 views

CVE-2018-16195

Aterm WF1200CR and Aterm WG1200CR Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP...

8.8CVSS9AI score0.00729EPSS
Exploits0References2
NVD
NVD
added 2019/01/09 11:29 p.m.16 views

CVE-2018-16200

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands...

8.8CVSS8.9AI score0.0065EPSS
Exploits0References2
NVD
NVD
added 2019/01/09 11:29 p.m.14 views

CVE-2018-16198

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...

8.8CVSS8.6AI score0.0047EPSS
Exploits0References2
OSV
OSV
added 2019/01/09 11:29 p.m.1 views

CVE-2018-0676

BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors...

8.8CVSS6AI score0.00617EPSS
Exploits0References2
NVD
NVD
added 2019/01/09 11:29 p.m.12 views

CVE-2018-0678

Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors...

6.8CVSS7.1AI score0.0112EPSS
Exploits0References2
NVD
NVD
added 2019/01/09 11:29 p.m.16 views

CVE-2018-0677

BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors...

7.7CVSS6.9AI score0.00599EPSS
Exploits0References2
Prion
Prion
added 2019/01/09 11:29 p.m.18 views

Code injection

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...

5.8CVSS8.6AI score0.0047EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2019/01/09 11:29 p.m.14 views

Design/Logic Flaw

BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors...

7.7CVSS7.4AI score0.00599EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/01/09 11:29 p.m.17 views

Hardcoded credentials

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...

8.3CVSS8.8AI score0.00602EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/01/09 10:0 p.m.16 views

CVE-2018-0678

Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors...

7.7AI score0.0112EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/01/09 10:0 p.m.16 views

CVE-2018-16197

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device...

7AI score0.00503EPSS
Exploits0References2
Rows per page
Query Builder