Siemens EN100 Ethernet module firmware across multiple protocol variants (PROFINET IO, Modbus TCP, DNP3 TCP, IEC 104) contains a vulnerability that allows remote attackers to cause a denial-of-service condition by sending specially crafted packets. The affected module crashes and requires a manual cold restart to recover, impacting industrial control system availability.
Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.
Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.