Luckyzflop

Name of the Vulnerable Software and Affected Versions: IEC104 version 1.0 Description: A segmentation violation in the `Iec104 Deal I` function allows attackers to cause a denial of service. Recommendations: For IEC104 version 1.0, consider disabling the `Iec104 Deal I` function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: IEC104 version 1.0 Description: A segmentation violation in the `Iec104 Deal FirmUpdate` function allows attackers to cause a denial of service. Recommendations: For IEC104 version 1.0, as a temporary workaround, consider disabling the `Iec104 Deal FirmUpdate` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Eclipse IOT Cyclone DDS Project version 0.1.0 Description: A stack buffer overflow in the /ddsi/q bitset.h file causes the DDS subscriber server to crash. Recommendations: For Eclipse IOT Cyclone DDS Project version 0.1.0, consider disabling access to the /ddsi/q bitset.h file as a temporary workaround until a patch is available. Restrict the use of the DDS subscriber server to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Eclipse IOT Cyclone DDS Project version 0.1.0 Description: A heap buffer overflow in the /src/dds stream.c file causes the DDS subscriber server to crash. Recommendations: For Eclipse IOT Cyclone DDS Project version 0.1.0, consider disabling access to the /src/dds stream.c file as a temporary workaround until a patch is available. Restrict the use of the DDS subscriber server to minimize the risk of exploitation.