XArm 5 Lite, XArm 6 And XArm 7 Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

Tuesday, July 2, 2024 Security Releases

Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 2 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...

CVE-2024-38480

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this...

CVE-2024-3123

CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...

CVE-2024-38480

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this...

CVE-2024-3123

CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...

CVE-2020-14383 affecting package samba 4.12.5-6

CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14323 affecting package samba 4.12.5-6

CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-14318 affecting package samba 4.12.5-6

CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2021-43566 affecting package samba 4.12.5-6

CVE-2021-43566 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-2021-3671 affecting package samba 4.12.5-6

CVE-2021-3671 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20277 affecting package samba 4.12.5-6

CVE-2021-20277 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20254 affecting package samba 4.12.5-6

CVE-2021-20254 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-8908 affecting package guava 25.0-5

CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5

CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2020-27748 affecting package xdg-utils 1.1.3-7

CVE-2020-27748 affecting package xdg-utils 1.1.3-7. No patch is available...

CVE-2019-16707 affecting package hunspell 1.7.0-7

CVE-2019-16707 affecting package hunspell 1.7.0-7. This CVE either no longer is or was never...

CVE-2010-4756 affecting package glibc 2.35-7

CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...

CVE-2010-4226 affecting package cpio 2.13-5

CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...

CVE-2020-27840 affecting package samba 4.12.5-6

CVE-2020-27840 affecting package samba 4.12.5-6. No patch is available...

CVE-2019-25051 affecting package aspell 0.60.8-5

CVE-2019-25051 affecting package aspell 0.60.8-5. This CVE either no longer is or was never...

CVE-2023-25761 affecting package junit 4.13-5

CVE-2023-25761 affecting package junit 4.13-5. No patch is available...

CVE-2023-0687 affecting package glibc 2.35-7

CVE-2023-0687 affecting package glibc 2.35-7. This CVE either no longer is or was never...

CVE-2018-14628 affecting package samba 4.12.5-6

CVE-2018-14628 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-4055 affecting package xdg-utils 1.1.3-7

CVE-2022-4055 affecting package xdg-utils 1.1.3-7. No patch is available...

CVE-2022-1615 affecting package samba 4.12.5-6

CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3670 affecting package samba 4.12.5-6

CVE-2021-3670 affecting package samba 4.12.5-6. No patch is available...

CVE-2020-17049 affecting package samba 4.12.5-6

CVE-2020-17049 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-3738 affecting package samba 4.12.5-6

CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-23192 affecting package samba 4.12.5-6

CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...

CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5

CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is...

CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7

CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7. A patched version of the package is...

CVE-2022-1941 affecting package grpc 1.42.0-7

CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...

CVE-2023-22466 affecting package netavark 1.0.3-5

CVE-2023-22466 affecting package netavark 1.0.3-5. This CVE either no longer is or was never...

CVE-2022-40898 affecting package python-wheel 0.33.6-7

CVE-2022-40898 affecting package python-wheel 0.33.6-7. No patch is available...

CVE-2020-12825 affecting package libcroco 0.6.13-6

CVE-2020-12825 affecting package libcroco 0.6.13-6. No patch is available...

CVE-2022-32743 affecting package samba 4.12.5-6

CVE-2022-32743 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-0336 affecting package samba 4.12.5-6

CVE-2022-0336 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32744 affecting package samba 4.12.5-6

CVE-2022-32744 affecting package samba 4.12.5-6. No patch is available...

CVE-2021-20316 affecting package samba 4.12.5-6

CVE-2021-20316 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-6

CVE-2022-28506 affecting package giflib 5.2.1-6. No patch is available...

CVE-2022-34176 affecting package junit 4.13-5

CVE-2022-34176 affecting package junit 4.13-5. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-5

CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...

CVE-2020-25719 affecting package samba 4.12.5-6

CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...