Pcu Security Vulnerabilities
The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is...
6.1CVSS
6AI Score
0.001EPSS
The configuration from the PCU can be modified without authentication using physical connection to the...
6.8CVSS
6.5AI Score
0.001EPSS
The firmware update package for the wireless card is not properly signed and can be...
5.7CVSS
5.7AI Score
0.0004EPSS
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the...
7.5CVSS
8AI Score
0.001EPSS
UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
7.5CVSS
7.4AI Score
0.005EPSS
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision...
9.8CVSS
9.7AI Score
0.022EPSS
UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision...
9.8CVSS
9.6AI Score
0.107EPSS
UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision...
7.5CVSS
7.7AI Score
0.011EPSS
UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision...
9.8CVSS
9.7AI Score
0.009EPSS
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision...
9.8CVSS
9.7AI Score
0.022EPSS
UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision...
9.8CVSS
9.7AI Score
0.022EPSS
UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision...
7.5CVSS
7.5AI Score
0.011EPSS
UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been...
9.8CVSS
9.8AI Score
0.009EPSS
UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC client code which results code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision...
9.8CVSS
9.7AI Score
0.022EPSS
UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This...
6.5CVSS
6.5AI Score
0.008EPSS
UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision...
9.8CVSS
10AI Score
0.012EPSS
UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be...
7.5CVSS
7.4AI Score
0.005EPSS
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store....
The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security Access (SA) data to the internal CAN bus (or the OBD connector). This affects the airbag control units (aka pyrotechnical control units or PCUs) of unspecified passenger vehicles manufactured in 2014.....
4.7CVSS
4.9AI Score
0.001EPSS