17 matches found
EUVD-2018-3508
Malware in sbrugna...
EUVD-2025-29082
Malicious code in bioql PyPI...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
CVE-2025-45584
The CVE-2025-45584 entry concerns Audi UTR 2.0 Universal Traffic Recorder 2.0. The vulnerability is described as an incorrect access control in the web service, enabling attackers to download car information without authentication. CVSS v3.1 base metrics indicate high impact on confidentiality (C...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
A week in security (August 11 – August 17)
Last week on Malwarebytes Labs: Italian hotels breached for tens of thousands of scanned IDs National Public Data returns after massive Social Security Number leak Romance scammers in Ghana charged with more than $100 million in theft Netflix scammers target jobseekers to trick them into handing...
Autoexpress 安全漏洞
AutoExpress is a car dealership application for car dealers and car buyers by Raymart DG Individual Developer. A security vulnerability exists in Autoexpress version 1.3.0 that originates from allowing an unauthenticated, remote attacker to escalate privileges, update car data, delete vehicles, a...
CVE-2023-48902
An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php...
PT-2024-13658 · Unknown · Tramyardg Autoexpress
Name of the Vulnerable Software and Affected Versions: tramyardg autoexpress version 1.3.0 Description: An issue in tramyardg autoexpress allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in the...
GHSA-9X4H-8WGM-8XFG Malformed CAR panics and excessive memory usage
Impact Versions impacted = [email protected] = [email protected] Description of user-facing changes...
Honda to Start Selling Smart Car Data
The auto giant is just one of many auto companies monetizing smart car data, creating a new industry set to be worth $400 billion by 2030...
Honda to Start Selling Smart Car Data
The auto giant is just one of many auto companies monetizing smart car data, creating a new industry set to be worth $400 billion by 2030...
Design/Logic Flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11477
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11477
CVE-2018-11477 affects Vgate iCar 2 Wi‑Fi OBD2 Dongle. The issue is that data packets between the mobile apps (iOS/Android) and the dongle are not encrypted, and there is a lack of wireless network protection. This potentially allows an attacker on the same network to access transferred car data....
CVE-2018-11477
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...