5 matches found
Viessmann Vitogate 300
RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to modify an intended OS command when it is sent to a downstream component, or allow an attacker to cause unexpected interactions between the client and server. 2. RECOMMENDED PRACTICES: CISA recommends users...
CVE-2024-8929
A flaw was found in the PHP MySQL client library. This vulnerability allows a hostile MySQL server to disclose the content of the client's heap, potentially exposing data from other SQL requests and other users of the same server via malicious server interactions...
The vulnerability in the implementation of the STARTTLS protocol for the software interface with servers allows a perpetrator to carry out “man-in-the-middle” attacks.
The vulnerability of the STARTTLS protocol implementation in the software for interacting with servers via cURL is related to insufficient authentication checks. Exploiting this vulnerability allows a remote attacker to carry out “man-in-the-middle” attacks...
Code injection
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates...
SUSE-SU-2019:1524-1 Security update for openssh
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...