3218 matches found

ATTACKERKB
added 2022/04/11 8:15 p.m., 2 views

CVE-2022-27577

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise servic...

CVSS 9.1 | AI score 5.9 | EPSS 0.00504
Exploits: 0 | References: 2

Prion
added 2022/04/11 8:15 p.m., 19 views

Design/Logic Flaw

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise servic...

CVSS 6.4 | AI score 9 | EPSS 0.00504
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2022/04/11 7:37 p.m., 14 views

CVE-2022-27577

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise servic...

AI score 9.3 | EPSS 0.00504
Exploits: 0 | References: 1

CVE
added 2022/04/11 7:37 p.m., 77 views

CVE-2022-27577

The CVE-2022-27577 vulnerability affects SICK MSC800 PLCs (all versions before 4.15). The root cause is a TCP initial sequence number that can be predicted, enabling an attacker to send forged packets that appear to originate from a trusted host and potentially compromise MSC800 services. Affecte...

CVSS 9.1 | AI score 9 | EPSS 0.00504
Exploits: 0 | References: 1 | Affected Software: 1

Sick AG
added 2022/04/11 3:0 p.m., 6 views

Vulnerability in SICK MSC800

SICK received a report about a vulnerability in the SICK MSC800. An attacker could compromise services on the MSC800 by a TCP sequence prediction attack if a vulnerable version is used...

CVSS 5.4 | AI score 6.8 | EPSS 0.00504
Exploits: 0

CNNVD
added 2022/04/11 12:0 a.m., 2 views

Sick MSC800 Security Feature Issue Vulnerability

The Sick MSC800 is a programmable logic controller (PLC) from Sick, Germany. A security vulnerability exists in the Sick MSC800 prior to 4.15 that allows an attacker to predict the initial TCP sequence number. When the TCP sequence is predictable, an attacker could send packets disguised as coming...

CVSS 9.1 | AI score 8.3 | EPSS 0.00504
Exploits: 0 | References: 2

OSV
added 2022/03/27 1:15 p.m., 2 views

CVE-2022-27948

Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 3

ATTACKERKB
added 2022/03/27 1:15 p.m., 0 views

CVE-2022-27948

Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended...

CVSS 7.2 | AI score 5.9 | EPSS 0.00367
Exploits: 1 | References: 4

Cvelist
added 2022/03/27 12:7 p.m., 14 views

CVE-2022-27948

Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended...

CVSS 7.2 | AI score 7.1 | EPSS 0.00367
Exploits: 1 | References: 3

CNNVD
added 2022/03/27 12:0 a.m., 3 views

Tesla Security Vulnerability

The Tesla is an electric vehicle from the American company Tesla. Tesla vehicles prior to March 26, 2022 have a security vulnerability that allows an attacker to open the charging port via a 315 MHz radio frequency signal containing a fixed sequence of approximately one hundred symbols...

CVSS 7.2 | AI score 5.2 | EPSS 0.00367
Exploits: 1 | References: 4

NVD
added 2022/03/23 8:15 p.m., 15 views

CVE-2021-27430

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR...

CVSS 8.4 | EPSS 0.00048
Exploits: 0 | References: 2

Prion
added 2022/03/23 8:15 p.m., 22 views

Hardcoded credentials

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR...

CVSS 4.6 | AI score 7.1 | EPSS 0.00048
Exploits: 0 | References: 2 | Affected Software: 1

Veracode
added 2022/02/22 5:15 p.m., 52 views

Buffer Overflow

The BPF subsystem in the Linux kernel is vulnerable to buffer overflow. The vulnerability exists in kernel/bpf/core.c and kernel/bpf/core.c because of mishandling situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF...

CVSS 7.8 | AI score 3.3 | EPSS 0.00162
Exploits: 0 | References: 4 | Affected Software: 1

Mageia
added 2022/02/18 12:14 a.m., 49 views

Updated mariadb packages fix security vulnerability

InnoDB - --skip-symbolic-links does not disallow .isl file creation MDEV-26870 - Indexed CHAR columns are broken with NOPAD collations MDEV-25440 - insert-intention lock conflicts with waiting ORDINARY lock MDEV-27025 - Crash recovery improvements MDEV-26784, MDEV-27022, MDEV-27183, MDEV-27610...

CVSS 7.8 | AI score 0.8 | EPSS 0.0007
Exploits: 6 | References: 3

CNNVD
added 2022/02/14 12:0 a.m., 4 views

Atheme IRC Services Authorization Issue Vulnerability

Atheme IRC Services is a set of IRC services designed for large IRC networks with high scalability requirements. An authorization issue vulnerability exists in Atheme IRC Services that originates when used with InspIRCd and allows authentication to be bypassed by ending the IRC handshake at some...

CVSS 9.1 | AI score 8.1 | EPSS 0.00124
Exploits: 1 | References: 5

OSV
added 2022/02/09 6:29 p.m., 1 views

GHSA-6GMV-PJP9-P8W8 Out of bounds read in Tensorflow

Impact: The implementation of shape inference for ReverseSequence does not fully validate the value of batch_dim and can result in a heap OOB read: import tensorflow as tf; @tf.function def test(): y = tf.raw_ops.ReverseSequence(input = ['aaa','bbb'], seq_lengths = [1,1,1], seq_dim = -10, batch_dim = -...

CVSS 8.1 | AI score 5.8 | EPSS 0.01078
Exploits: 1 | References: 8

Tenable Nessus
added 2022/02/07 12:0 a.m., 20 views

Rockwell Automation Allen-Bradley MicroLogix 1100 and 1400 Predictable Value Range From Previous Values (CVE-2017-7901)

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVSS 9 | AI score 7.4 | EPSS 0.00076
Exploits: 0 | References: 4

OSV
added 2022/02/03 11:15 a.m., 0 views

PYSEC-2022-107

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batch_dim and can result in a heap OOB read. There is a check to make sure the value of batch_dim does not go over the rank of the input, but there...

CVSS 8.1 | AI score 5.9 | EPSS 0.01078
Exploits: 1 | References: 4

Debian CVE
added 2022/02/03 10:55 a.m., 3 views

CVE-2022-21728

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batch_dim and can result in a heap OOB read. There is a check to make sure the value of batch_dim does not go over the rank of the input, but there...

CVSS 8.1 | AI score 6.9 | EPSS 0.01078
Exploits: 1

Positive Technologies
added 2022/02/03 12:0 a.m., 3 views

PT-2022-15067 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0; TensorFlow versions 2.7.1 and earlier; TensorFlow versions 2.6.3 and earlier; TensorFlow versions 2.5.3 and earlier. Description: The implementation of shape inference for ReverseSequence does not fully validat...

CVSS 8.1 | AI score 7.9 | EPSS 0.01078
Exploits: 1 | References: 14