1886 matches found
Siemens’ network software vulnerabilities, related to insufficient validation of input data, allow attackers to trigger service interruptions.
The vulnerability of Siemens network software is related to insufficient validation of input data in the Ethernet segment. Exploiting this vulnerability can allow attackers to cause failures in certain services by sending specially crafted PROFINET DCP broadcast packets...
The vulnerability of the `assign_file_positions_for_non_load_sections` function in the GNU Binutils development environment allows a attacker to trigger a service failure.
The vulnerability of the assignfilepositionsfornonloadsections function in the GNU Binutils development environment is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure by using an ELF file with a RELRO segment that lacks...
The vulnerability of the elf_parse_notes function in the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the elfparsenotes function in the GNU Binutils development toolset is related to errors in accessing data beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to cause service failures by using an ELF file with a NOTES segment having a larg...
The vulnerability of Siemens’ PROFINET DCP software, related to insufficient validation of input data, allows a intruder to trigger a service failure.
The vulnerability of Siemens’ PROFINET DCP software is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures in the local Ethernet segment using specially crafted PROFINET DCP packets...
DEBIAN-CVE-2019-7149
A heap-based buffer over-read was discovered in the function readsrclines in dwarfgetsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm...
CVE-2019-2503
Disclaimer: This data contains information about vulnerable...
CVE-2019-2503
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical...
Privilege Escalation
kernel-rt is vulnerable to privilege escalation attacks. The vulnerability exists as arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to gain privileges by triggering an IRET...
CVE-2018-16197
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device...
CVE-2018-16195
Aterm WF1200CR and Aterm WG1200CR Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP...
CVE-2018-16200
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands...
CVE-2018-16198
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
CVE-2018-0676
BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors...
CVE-2018-0678
Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors...
CVE-2018-0677
BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors...
Code injection
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
Design/Logic Flaw
BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors...
Hardcoded credentials
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...
CVE-2018-0678
Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors...
CVE-2018-16197
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device...