CVE-2024-4008

FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System

Publication date: Wed, 05 Jun 2024 18:15:00 +0000


Cyber News related to CVE-2024-4008

CVE-2015-1007 - A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions ...
4 years ago
CVE-2010-4200 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4008. Reason: This candidate is a duplicate of CVE-2010-4008. Notes: All CVE users should reference CVE-2010-4008 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
2 months ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
3 months ago Cisa.gov
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
4 days ago Tenable.com
The Top 24 Security Predictions for 2024 - Welcome to the second installment of this comprehensive annual look at global cybersecurity industry predictions from the top security industry vendors, technology magazines, expert thought leaders and many more. Last week, in part one of The Top 24 ...
5 months ago Securityboulevard.com
Securing Gold: Assessing Cyber Threats on Paris 2024 - The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from 28 August to 8 September 2024. Paris 2024 estimated the number of spectators for the next edition to be 9,7 ...
5 months ago Blog.sekoia.io
The Top 24 Security Predictions for 2024 - For 2024, top topics range from upcoming elections to regional wars to space exploration to advances in AI. And with technology playing a more central role in every area of life, annual cybersecurity prediction reports, cyber industry forecasts and ...
5 months ago Securityboulevard.com
CVE-2024-4008 - FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System ...
1 week ago
Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security - Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of critical severity. For the second straight month, ...
5 months ago Darkreading.com
CVE-2013-3646 - The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a ...
8 years ago
CVE-2021-4008 - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as ...
1 year ago
CVE-2005-4008 - SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameters. ...
15 years ago
CVE-2009-4008 - Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query. ...
13 years ago
CVE-2008-4008 - Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via ...
11 years ago
CVE-2012-4008 - The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. ...
10 years ago
CVE-2014-4008 - SAP Web Services Tool (CA-WUI-WST) has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. ...
9 years ago
CVE-2007-4008 - Directory traversal vulnerability in custom.php in Entertainment Media Sharing CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter. ...
6 years ago
CVE-2006-4008 - PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter. ...
5 years ago
CVE-2016-4008 - The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate. ...
5 years ago
CVE-2018-18756 - Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008. ...
5 years ago
CVE-2010-4008 - libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to ...
4 years ago
CVE-2020-4008 - The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a ...
2 years ago
CVE-2019-4008 - API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626. ...
1 year ago
CVE-2018-4008 - An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)