Lucene search

18 matches found

Positive Technologies
added 2026/06/02 12:0 a.m., 12 views

PT-2026-45863

Name of the Vulnerable Software and Affected Versions: Dräger Core version 1.0.5; Dräger M540 Converter Service version 1.0.9. Description: A denial of service issue allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC Service-oriented Device...

CVSS 8.7, AI score 5.8, EPSS 0.00284
Exploits: 0, References: 4

Cvelist
added 2026/03/04 5:19 p.m., 24 views

CVE-2026-20101

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

CVSS 8.6, EPSS 0.00354
Exploits: 0, References: 1

NVD
added 2025/10/24 9:16 p.m., 7 views

CVE-2025-62723

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

CVSS 4.3, EPSS 0.00308
Exploits: 0, References: 3

Cvelist
added 2025/10/24 8:16 p.m., 16 views

CVE-2025-62723 FlashMQ does not release memory of queued QoS messages

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

CVSS 4.3, EPSS 0.00308
Exploits: 0, References: 3

EUVD
added 2025/10/24 8:16 p.m., 4 views

EUVD-2025-35890

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

CVSS 4.3, AI score 6.2, EPSS 0.00308
Exploits: 0, References: 3

Positive Technologies
added 2025/10/24 12:0 a.m., 6 views

PT-2025-43673

Name of the Vulnerable Software and Affected Versions: FlashMQ versions prior to 1.23.2. Description: FlashMQ, a MQTT broker/server designed for multi-CPU environments, has an issue where authenticated users can create sessions that collect Quality of Service (QoS) messages. These messages are not...

CVSS 4.3, AI score 6.5, EPSS 0.00308
Exploits: 0, References: 8

CNNVD
added 2025/10/22 12:0 a.m., 5 views

Sauter modu680-AS Trust Management Issue Vulnerability

Sauter modu680-AS is a modular automation station cum web server from Sauter, Switzerland. A trust management issue vulnerability exists in Sauter modu680-AS, which stems from the use of hard-coded certificates to verify the authenticity of SOAP messages, which could lead to private key disclosur...

CVSS 7.5, AI score 6.6, EPSS 0.00246
Exploits: 0, References: 2

CNVD
added 2020/08/27 12:0 a.m., 4 views

Cisco FXOS and NX-OS Denial of Service Vulnerabilities (CNVD-2020-50560)

Cisco NX-OS Software and Cisco FXOS Software are both products of Cisco, Inc. Cisco NX-OS Software is a suite of data center-grade operating system software for use in switches. Cisco FXOS Software is a suite of firewall software that runs in Cisco security appliances. Cisco FXOS Software is a set ...

CVSS 8.6, AI score 6.7, EPSS 0.01371
Exploits: 0, References: 1

OSV
added 2020/04/29 2:15 a.m., 3 views

CVE-2020-8475

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

CVSS 7.5, AI score 7.1, EPSS 0.01125
Exploits: 0, References: 3

OSV
added 2019/08/06 7:15 p.m., 5 views

CVE-2019-14473

eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs, etc. pp...

CVSS 8.8, AI score 7.3, EPSS 0.01859
Exploits: 1, References: 1

Prion
added 2019/08/05 8:15 p.m., 23 views

Authorization

eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the...

CVSS 5, AI score 7.7, EPSS 0.01969
Exploits: 2, References: 1, Affected Software: 2

Japan Vulnerability Notes
added 2017/07/21 4:39 a.m., 2 views

gSOAP vulnerable to stack-based buffer overflow

Overview: gSOAP library provided by Genivia contains a stack-based buffer overflow (CWE-121). Processing a crafted SOAP message sent by a remote attacker may result in code execution. Impact: Processing a crafted SOAP message sent by a remote attacker may result in code execution. Solution: Update to t...

CVSS 8.1, AI score 7.5, EPSS 0.21894
Exploits: 2, References: 19

RedHat Linux
added 2016/10/12 5:17 p.m., 3 views

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP)...

CVSS 7.5, AI score 7.1, EPSS 0.0364
Exploits: 0, References: 4

RedHat Linux
added 2016/10/12 5:7 p.m., 6 views

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP)...

CVSS 7.5, AI score 7.1, EPSS 0.0364
Exploits: 0, References: 4

RedHat Linux
added 2016/10/12 4:57 p.m., 4 views

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP)...

CVSS 7.5, AI score 7.1, EPSS 0.0364
Exploits: 0, References: 4

RedHat Linux
added 2016/08/22 6:7 p.m., 10 views

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP)...

CVSS 7.5, AI score 7.1, EPSS 0.0364
Exploits: 0, References: 4

RedHat Linux
added 2016/08/22 6:7 p.m., 6 views

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP)...

CVSS 7.5, AI score 7.1, EPSS 0.0364
Exploits: 0, References: 4

RedHat Linux
added 2016/08/22 6:7 p.m., 6 views

mod_cluster: remotely Segfault Apache http server

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP)...

CVSS 7.5, AI score 7.1, EPSS 0.0364
Exploits: 0, References: 4