115 matches found
MAL-2022-91 Malicious code in @audi-cct/teaser-feature-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4bf5b9b172fa13a666e247c29ea5993af008cf7b6371aa719add1ac288724f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
forms.audi.com.au Cross Site Scripting vulnerability OBB-2374039
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
audi-konfuzius-institut-ingolstadt.de Improper Access Control vulnerability OBB-2205245
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
A week in security (June 14 – June 20)
Last week on Malwarebytes Labs: How to delete your Instagram account. Working from home? You’re probably being spied on. Another one bites the dust: Avaddon ransomware group shuts down operation. Patch now! Apple fixes in-the-wild iPhone vulnerabilities. Windows 10 to retire in four years or 52...
Volkswagen Vendor Exposed Data of 3.3m Drivers
One of Volkswagen’s vendors left one of its systems open for nearly two years, exposing the personal data of 3.3 million customers – nearly all of them owners or wannabe owners of the automaker’s luxury brand of Audis – Volkswagen America said last week. The breach took place between August 2019...
CVE-2020-27524
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version N+RCNAUP0395 mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services...
CVE-2020-27524
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version N+RCNAUP0395 mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services...
Format string
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version N+RCNAUP0395 mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services...
CVE-2020-27524
The CVE-2020-27524 entry concerns the Bluetooth stack in the Audi A7 MMI 2014 family, specifically the MMI Multiplayer variant labeled N+R_CN_AU_P0395. The underlying issue is a mishandling of %x and %s format string specifiers in a device name, which can lead to memory content leaks and may caus...
CVE-2020-27524
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version N+RCNAUP0395 mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services...
audi-a3.cbct.com.tw Cross Site Scripting vulnerability OBB-1386151
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
collaboration.msi.audi.com Improper Access Control vulnerability
Security Researcher Nep13371998 Helped patch 562 vulnerabilities Received 4 Coordinated Disclosure badges Received 7 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting collaboration.msi.audi.com website and its users...
Audi Travel App has a Bursting Vulnerability
Audi Travel App is a travel service software. Audi Travel APP is vulnerable to a blasting vulnerability. An attacker can log in to any user account and perform unauthorized operations by grabbing packets and bursting them...
erwin.audi.com XSS vulnerability
Open Bug Bounty ID: OBB-594280 Description| Value ---|--- Affected Website:| erwin.audi.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
ak-edit.audi.de XSS vulnerability
Open Bug Bounty ID: OBB-483825 Description| Value ---|--- Affected Website:| ak-edit.audi.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
sixt.com.au XSS vulnerability
Vulnerable URL: https://www.sixt.com.au/gfx/leasing/firmenwagen/angebote/audi-tt.swf?motxt=Jetzt%2520informieren!=javascript:alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
sixt.no XSS vulnerability
Vulnerable URL: https://www.sixt.no/gfx/leasing/firmenwagen/angebote/audi-tt.swf?motxt=Jetzt%2520informieren!=javascript:alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
sixt.se XSS vulnerability
Vulnerable URL: https://www.sixt.se/gfx/leasing/firmenwagen/angebote/audi-tt.swf?motxt=Jetzt%2520informieren!=javascript:alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
sixt.ro XSS vulnerability
Vulnerable URL: https://www.sixt.ro/gfx/leasing/firmenwagen/angebote/audi-tt.swf?motxt=Jetzt%2520informieren!=javascript:alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
sixt.pl XSS vulnerability
Vulnerable URL: https://www.sixt.pl/gfx/leasing/firmenwagen/angebote/audi-tt.swf?motxt=Jetzt%2520informieren!=javascript:alert%60OPENBUGBOUNTY%60 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...