
3229 matches found

Veracode
added 2024/02/21 7:29 a.m. · 13 views

Denial Of Service (DoS)

github.com/cosmos/cosmos-sdk is vulnerable to Denial Of Service. The vulnerability is due to the handling of non-sequential sequence numbers by the default PrepareProposalHandler and SenderNonceMempool, potentially allowing invalid blocks to be proposed under certain conditions...

AI score: 7 · Exploits: 0

BDU FSTEC
added 2024/02/21 12:0 a.m. · 4 views

The vulnerability of the lookup_sequence function in the ZBar barcode reading library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the lookup_sequence function in the ZBar barcode reading library is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures using a...

CVSS: 10 · AI score: 7.9 · EPSS: 0.01787
Exploits: 0 · References: 8 · Affected Software: 5

RedHat Linux
added 2024/02/20 11:6 a.m. · 5 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVSS: 5.9 · AI score: 6.6 · EPSS: 0.93305
Exploits: 4 · References: 6

Cvelist
added 2024/02/20 10:37 a.m. · 16 views

CVE-2024-24794

A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerability, an attacker would need to induce the vulnerable...

CVSS: 8.1 · AI score: 8.1 · EPSS: 0.01054
Exploits: 1 · References: 1

NVD
added 2024/02/13 9:15 a.m. · 12 views

CVE-2023-51440

A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...

CVSS: 7.5 · AI score: 7.5 · EPSS: 0.00597
Exploits: 0 · References: 1

Prion
added 2024/02/13 9:15 a.m. · 12 views

Design/Logic Flaw

A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...

CVSS: 5 · AI score: 7.5 · EPSS: 0.00597
Exploits: 0 · References: 1

Vulnrichment
added 2024/02/13 9:0 a.m. · 11 views

CVE-2023-51440

A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...

CVSS: 7.5 · AI score: 7 · EPSS: 0.00597
Exploits: 0 · References: 1

Cvelist
added 2024/02/13 9:0 a.m. · 20 views

CVE-2023-51440

A vulnerability has been identified in SIMATIC CP 343-1 6GK7343-1EX30-0XE0 All versions, SIMATIC CP 343-1 Lean 6GK7343-1CX10-0XE0 All versions, SIPLUS NET CP 343-1 6AG1343-1EX30-7XE0 All versions, SIPLUS NET CP 343-1 Lean 6AG1343-1CX10-2XE0 All versions. Affected products incorrectly validate TCP...

CVSS: 7.5 · AI score: 7.7 · EPSS: 0.00597
Exploits: 0 · References: 1

Positive Technologies
added 2024/02/13 12:0 a.m. · 3 views

PT-2024-2660 · Siemens · Siplus Net Cp 343-1 Lean +3

Name of the Vulnerable Software and Affected Versions: SIMATIC CP 343-1 versions All; SIMATIC CP 343-1 Lean versions All; SIPLUS NET CP 343-1 versions All; SIPLUS NET CP 343-1 Lean versions All

Description: A vulnerability has been identified in the affected products, which incorrectly validate TCP...

CVSS: 7.8 · AI score: 7.4 · EPSS: 0.00597
Exploits: 0 · References: 7

RedHat Linux
added 2024/02/12 4:2 p.m. · 2 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVSS: 5.9 · AI score: 6.6 · EPSS: 0.93305
Exploits: 4 · References: 6

Tenable Nessus
added 2024/02/09 12:0 a.m. · 36 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2024:0430-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0430-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

CVSS: 5.9 · AI score: 7.1 · EPSS: 0.93305
Exploits: 4 · References: 4

OSV
added 2024/02/08 11:6 a.m. · 2 views

OESA-2024-1158 zbar security update

ZBar is an open source software suite for reading bar codes from various sources, such as video streams, image files and raw intensity sensors. It supports many popular symbologies (types of bar codes) including EAN-13/UPC-A, UPC-E, EAN-8, Code 128, Code 39, Interleaved 2 of 5 and QR Code. Security...

CVSS: 9.8 · AI score: 8 · EPSS: 0.01787
Exploits: 0 · References: 3

RedHat Linux
added 2024/02/07 4:33 p.m. · 0 views

kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow

A buffer overflow write flaw was identified in seq_buf_putmem_hex in lib/seq_buf.c in seq_buf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check...

CVSS: 6.7 · AI score: 7.1 · EPSS: 0.00726
Exploits: 0 · References: 5

Tenable Nessus
added 2024/02/06 12:0 a.m. · 39 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle, jsch (SUSE-SU-2024:0327-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

CVSS: 5.9 · AI score: 7.1 · EPSS: 0.93305
Exploits: 4 · References: 4

OSV
added 2024/02/05 6:15 p.m. · 15 views

CVE-2023-6874

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

CVSS: 7.5 · AI score: 6.7
Exploits: 0 · References: 2

NVD
added 2024/02/05 6:15 p.m. · 18 views

CVE-2023-6874

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

CVSS: 7.5 · AI score: 7.4 · EPSS: 0.00351
Exploits: 0 · References: 2

Prion
added 2024/02/05 6:15 p.m. · 13 views

Denial of service

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

CVSS: 5 · AI score: 7 · EPSS: 0.00351
Exploits: 0 · References: 2 · Affected Software: 1

Vulnrichment
added 2024/02/05 5:39 p.m. · 20 views

CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

CVSS: 7.5 · AI score: 6.8 · EPSS: 0.00351
Exploits: 0 · References: 2

Cvelist
added 2024/02/05 5:39 p.m. · 27 views

CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

CVSS: 7.5 · AI score: 7.6 · EPSS: 0.00351
Exploits: 0 · References: 2

CVE
added 2024/02/05 5:39 p.m. · 45 views

CVE-2023-6874

CVE-2023-6874 affects Silicon Labs EmberZNet prior to version 7.4.0. The vulnerability arises from the ability to manipulate the NWK (network) sequence number, enabling a denial-of-service condition. Impact is limited to Ember ZNet components handling NWK sequencing in affected releases, with no ...

CVSS: 7.5 · AI score: 7.3 · EPSS: 0.00351
Exploits: 0 · References: 2 · Affected Software: 1