M12-2 firmware
This hub aggregates every CVE we track for M12-2 firmware, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
13
CVEs tracked
1
Critical
6
High
0
In CISA KEV
Severity distribution
HIGH6MEDIUM4LOW2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 13 most recently published vulnerabilities affecting M12-2 firmware.
- CVE-2021-23840Integer overflow in CipherUpdate7.5
- CVE-2021-3326The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts ...7.5
- CVE-2020-8177curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.7.8
- CVE-2020-8285curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.7.5
- CVE-2020-8284A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about s...3.7
- CVE-2020-1968Raccoon attack3.7
- CVE-2020-13817ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed pa...7.4
- CVE-2019-6109An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate t...6.8
- CVE-2019-6111An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only pe...5.9
- CVE-2018-20685In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the t...5.3
- CVE-2018-3693Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer ov...5.6
- CVE-2018-1000007libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the h...9.8
- CVE-2016-8610A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remo...7.5
Product normalization is registry-driven with AI assist and human review. How it works