Security Vulnerabilities - CVEs Published In September 2024
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::SetFieldAction::unpack.
This issue affects libfluid: 0.1.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-09-18
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::HelloElemVersionBitmap::unpack.
This issue affects libfluid: 0.1.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-09-18
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack13.
This issue affects libfluid: 0.1.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-09-18
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::EchoCommon::unpack.
This issue affects libfluid: 0.1.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-09-18
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack.
This issue affects libfluid: 0.1.0.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-09-18
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack.
This issue affects libfluid: 0.1.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-09-18
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionSet::unpack.
This issue affects libfluid: 0.1.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-09-18
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionList::unpack13.
This issue affects libfluid: 0.1.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-09-18
An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. This fact prevents a secure communication channel from being established.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-09-18
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. This equipment is at the end of its useful life cycle.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-09-18