Güncel Güvenlik Açıkları

CVE-2021-21970

An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [3] the json_object_get_string to populate the p_name global variable. The p_name is only 0x80 bytes long, and the total MQTT message could be up to 0x201 bytes. Because the function json_object_get_string will fill str…

Devamını oku

CVE-2021-21971

An out-of-bounds write vulnerability exists in the URL_decode functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to an out-of-bounds write. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Devamını Oku

Devamını oku

CVE-2021-22284

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server. Devamını Oku

Devamını oku

CVE-2021-22285

Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive. Devamını Oku

Devamını oku

CVE-2021-22286

Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. Devamını Oku

Devamını oku

CVE-2021-21962 (seaconnect_370w_firmware)

A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger this vulnerability. Devamını Oku

Devamını oku

CVE-2021-21961 (seaconnect_370w_firmware)

A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. Devamını Oku

Devamını oku

CVE-2021-21963 (seaconnect_370w_firmware)

An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Devamını Oku

Devamını oku

CVE-2020-12891 (radeon_pro_software, radeon_software)

AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable. Devamını Oku

Devamını oku

CVE-2020-12966 (epyc_7001_firmware, epyc_7002_firmware, epyc_7003_firmware, epyc_7232p_firmware, epyc_7251_firmware, epyc_7252_firmware, epyc_7261_firmware, epyc_7262_firmware, epyc_7272_firmware, epyc_7281_firmware, epyc_7282_firmware, epyc_72f3_firmware, epyc_7301_firmware, epyc_7302_firmware, epyc_7302p_firmware, epyc_7313_firmware, epyc_7313p_firmware, epyc_7343_firmware, epyc_7351_firmware, epyc_7351p_firmware, epyc_7352_firmware, epyc_7371_firmware, epyc_73f3_firmware, epyc_7401_firmware, epyc_7401p_firmware, epyc_7402_firmware, epyc_7402p_firmware, epyc_7413_firmware, epyc_7443_firmware, epyc_7443p_firmware, epyc_7451_firmware, epyc_7452_firmware, epyc_7453_firmware, epyc_74f3_firmware, epyc_7501_firmware, epyc_7502_firmware, epyc_7502p_firmware, epyc_7513_firmware, epyc_7532_firmware, epyc_7542_firmware, epyc_7543_firmware, epyc_7543p_firmware, epyc_7551_firmware, epyc_7551p_firmware, epyc_7552_firmware, epyc_75f3_firmware, epyc_7601_firmware, epyc_7642_firmware, epyc_7643_firmware, epyc_7662_firmware, epyc_7663_firmware, epyc_7702_firmware, epyc_7702p_firmware, epyc_7713_firmware, epyc_7713p_firmware, epyc_7742_firmware, epyc_7763_firmware, epyc_7f32_firmware, epyc_7f52_firmware, epyc_7f72_firmware, epyc_7h12_firmware, epyc_embedded_3101_firmware, epyc_embedded_3151_firmware, epyc_embedded_3201_firmware, epyc_embedded_3251_firmware, epyc_embedded_3255_firmware, epyc_embedded_3351_firmware, epyc_embedded_3451_firmware, epyc_embedded_7232p_firmware, epyc_embedded_7251_firmware, epyc_embedded_7252_firmware, epyc_embedded_7261_firmware, epyc_embedded_7262_firmware, epyc_embedded_7272_firmware, epyc_embedded_7281_firmware, epyc_embedded_7282_firmware, epyc_embedded_7301_firmware, epyc_embedded_7302_firmware, epyc_embedded_7302p_firmware, epyc_embedded_7351_firmware, epyc_embedded_7352_firmware, epyc_embedded_735p_firmware, epyc_embedded_7371_firmware, epyc_embedded_7401_firmware, epyc_embedded_7402_firmware, epyc_embedded_7402p_firmware, epyc_embedded_740p_firmware, epyc_embedded_7451_firmware, epyc_embedded_7452_firmware, epyc_embedded_7501_firmware, epyc_embedded_7502_firmware, epyc_embedded_7502p_firmware, epyc_embedded_7532_firmware, epyc_embedded_7542_firmware, epyc_embedded_7551_firmware, epyc_embedded_7552_firmware, epyc_embedded_755p_firmware, epyc_embedded_7601_firmware, epyc_embedded_7642_firmware, epyc_embedded_7662_firmware, epyc_embedded_7702_firmware, epyc_embedded_7702p_firmware, epyc_embedded_7742_firmware, epyc_embedded_7f32_firmware, epyc_embedded_7f52_firmware, epyc_embedded_7f72_firmware, epyc_embedded_7h12_firmware)

AMD EPYCâ„¢ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State (SEV-ES) and Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). A local authenticated attacker could potentially exploit this vulnerability leading to leaking guest data by the malicious hypervisor. Devamını Oku

Devamını oku

CVE-2021-21959 (seaconnect_370w_firmware)

A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality. Devamını Oku

Devamını oku

CVE-2021-21960 (seaconnect_370w_firmware)

A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. Devamını Oku

Devamını oku

[email protected]

Hızlı Erişim

Ofis Adreslerimiz

Şehit Muhtar Mah. İstiklal Caddesi İmam Adnan Sok. No:3 Kat:4 Daire:17 34421 Beyoğlu / İstanbul

Bilişim Vadisi Bakü - H.Cevid Caddesi 25, Bakü, Azerbaycan AZ 1073 Azerbaycan Teknik Üniversitesi

Pazartesi - Cuma: 08:30 - 17:30

İletişim Bilgilerimiz

+90 212 706 81 80

[email protected]

[email protected]