59 matches found
EUVD-2024-21353
Malicious code in bioql PyPI...
EUVD-2024-21365
Malicious code in bioql PyPI...
EUVD-2024-21387
Malicious code in bioql PyPI...
EUVD-2024-21386
Malicious code in bioql PyPI...
EUVD-2024-21389
Malicious code in bioql PyPI...
EUVD-2024-21354
Malicious code in bioql PyPI...
EUVD-2024-21388
Malicious code in bioql PyPI...
CVE-2024-23962
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
CVE-2024-23963
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23963
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23962
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
Alpine Halo9 安全漏洞
Alpine Halo9 is a multimedia player from Alpine. A security vulnerability exists in Alpine Halo9 that stems from a failure to properly validate the length of user-supplied data before copying it to a stack-based buffer. An attacker exploiting this vulnerability could execute code in a rooted...
Alpine Halo9 安全漏洞
Alpine Halo9 is a multimedia player from Alpine. A security vulnerability exists in Alpine Halo9 that stems from a lack of authentication before allowing access to features. An attacker exploiting the vulnerability could execute arbitrary code...
CVE-2024-23963 Alpine Halo9 Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23963
CVE-2024-23963 concerns Alpine Halo9 devices. The flaw is in the PBAP_DecodeVCARD function where insufficient validation of user-supplied data length before copying to a stack-based buffer allows a network-adjacent attacker who can pair a malicious Bluetooth device to execute code with root privi...
CVE-2024-23963 Alpine Halo9 Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23962 Alpine Halo9 Missing Authentication
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
CVE-2024-23962 Alpine Halo9 Missing Authentication
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
CVE-2024-23962
CVE-2024-23962 (Alpine Halo9) : The flaw exists in the DLT interface, which listens on TCP port 3490. It permits remote attackers to disclose sensitive information due to a lack of authentication before accessing functionality. The impact is described as attackers potentially leveraging this in c...
CVE-2024-23961
Alpine Halo9 UPDMwemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specifi...