UBUNTU-CVE-2022-46292
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
Out-of-bounds
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
CVE-2022-46292
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
SUSE CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read...
CVE-2023-36669
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...
Authentication flaw
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...
VirusTotal Data Leak Exposes Some Registered Customers' Details
Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform. The security incident, which comprises a database of 5,600 names in a 313KB file,...
PT-2023-25670 · Kratos · Kratos Ngc Indoor Unit
Name of the Vulnerable Software and Affected Versions: Kratos NGC Indoor Unit IDU versions prior to 11.4 Description: The issue allows remote attackers to obtain arbitrary control of the IDU/ODU system due to missing authentication for a critical function. Attackers with layer-3 network access to...
Kratos NGC Indoor Unit OS Command Injection Vulnerability
The Kratos NGC Indoor Unit is an advanced antenna control system from Kratos Defense. A security vulnerability in the Kratos NGC Indoor Unit IDU version 9.1.0.4 can be exploited by an attacker to execute arbitrary Linux commands as root by sending a crafted TCP request to the devic...
Kratos NGC Indoor Unit Access Control Error Vulnerability
The Kratos NGC Indoor Unit is an advanced antenna control system from Kratos Defense. A security vulnerability exists in the Kratos NGC Indoor Unit IDU prior to version 11.4, which stems from a lack of authentication for critical functions, allowing a remote attacker to gain...
CVE-2023-36669
CVE-2023-36669 (Kratos NGC IDU) affects Kratos NGC Indoor Unit prior to 11.4, where missing authentication for a critical function allows remote attackers with layer-3 network access to impersonate the Touch Panel Unit (TPU) by sending crafted TCP requests, granting arbitrary control of the IDU/O...
PT-2023-23642 · Tesla · Tesla Model 3
Name of the Vulnerable Software and Affected Versions: Tesla Model 3 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected vehicles. The flaw exists within the handling of firmware updates, resulting from improper...
BD Alaris System with Guardrails Suite MX Authorization Issue Vulnerability
The BD Alaris System with Guardrails Suite MX is a medical device from BD Medical BD. A security vulnerability exists in the BD Alaris System with Guardrails Suite MX, which originates from the ability to modify the configuration of a PCU without having to authenticate using a physical connection...
PT-2023-22789 · Pcu · Pcu
Name of the Vulnerable Software and Affected Versions: PCU affected versions not specified Description: The issue concerns the insecure data flow between the PCU and its modules. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device whil...
PT-2023-22786 · Unknown · Wireless Card Firmware
Name of the Vulnerable Software and Affected Versions: Wireless card firmware affected versions not specified Description: The issue concerns the firmware update package for the wireless card, which is not properly signed and can be modified. Additionally, the configuration from the PCU can be...
CLSA-2023-1688678110 Fix CVE(s): CVE-2021-33582
SECURITY UPDATE: String hashing algorithm collisions - debian/patches/0021-CVE-2021-33582-pre.patch: gracefully handle lookup on zero-sized tables - debian/patches/0022-CVE-2021-33582.patch: replace ad-hoc algorithm with seeded djb2 and use it when hashing - CVE-2021-33582 Enable the internal cun...