CVE-2017-6030
A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...
CVE-2017-6030 Schneider Electric Modicon PLCs Predictable Value Range from Previous Values
A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...
CVE-2017-7901
A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...
PT-2017-17982 · Rockwell Automation · Micrologix 1100 +1
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers versions 16.00 and prior; Rockwell Automation Allen-Bradley MicroLogix 1400 programmable logic controllers versions 16.00 and prior. Description: A Predictable Val...
CVE-2017-9982
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the Unicode character followed by the Unicode character...
UBUNTU-CVE-2017-9372
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction...
JVN#91438377: SSL Visibility Appliance may generate illegal RST packets
SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web server behi...
Multiple eMLi Product Catalog Traversal Vulnerabilities
AuroMeera Technometrix Pvt eMLi School Management etc. are the products of AuroMeera India for the education sector. eMLi School Management is a school management system; eMLi College Campus Management is a comprehensive campus management system. eMLi School Management is a school management...
F5 BIG-IP - TMM vulnerability CVE-2016-9247
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel (TMM) to restart. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...
ALPINE-CVE-2017-6887
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...
UBUNTU-CVE-2017-8831
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch"...
RubyGems: Escape sequence injection in "summary" field
Seems we can include any escape sequence in the "summary" field of gemspec. This allows attackers to inject escape sequences to a victim's terminal emulator. How to attack: 1. An attacker creates a gem with a summary string that includes malicious escape sequences, and pushes it to rubygems.org. 2. A...
Serviio PRO 1.8 DLNA Media Streaming Server REST API Arbitrary Code Execution Exploit
Serviio PRO DLNA Media Streaming Server version 1.8.0.0 PRO, 1.7.1, 1.7.0, and 1.6.1 suffers from a REST API arbitrary code execution vulnerability. !/usr/bin/env python Serviio PRO 1.8 DLNA Media Streaming Server REST API Arbitrary Code Execution Vendor: Petr Nejedly | Six Lines Ltd Product web...
Ruby: Escape sequence injection vulnerability in WEBrick BasicAuth
WEBrick BasicAuth outputs any non-existing user name to logs without sanitizing. By exploiting this, an attacker can inject malicious escape sequences to its logs. This issue is exactly the same as the old already-fixed vulnerability. How to reproduce: 1. Run this WEBrick server program in a...
CVE-2017-7262
The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite...
Null pointer dereference
The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence...
CVE-2016-10248
The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence...
UBUNTU-CVE-2016-10248
The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence...
Wireshark Multiple DoS Vulnerabilities (Mar 2017) - Mac OS X
Wireshark is prone to multiple denial of service vulnerabilities.
ALPINE-CVE-2017-6472
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value...