137 matches found
PT-2025-35608
Name of the Vulnerable Software and Affected Versions: Realtek rtl81xx SDK Wi-Fi Driver rtwlanu affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Realtek rtl81xx SDK Wi-Fi driver. An attacker must first obtain the...
Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Realtek rtl81xx SDK Wi-Fi driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Realtek RTL8811AU 安全漏洞
The Realtek RTL8811AU is a controller chip from Realtek Semiconductor Realtek, a Chinese company. A security vulnerability exists in the Realtek RTL8811AU that stems from insufficient validation of the N6CSetDOT11CIPHERDEFAULTKEY function, which could lead to local elevation of privilege...
CVE-2024-10748
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument...
CVE-2022-30271
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and initialization scripts such as /etc/init.d/sshdservice only generate a new key if no private-key file exists. Thus, this hardcoded key is likely to be used by default...
CVE-2022-30325
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker...
CVE-2024-10748
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument...
CVE-2024-10748 Cosmote Greece What's Up App Realm Database RealmDB.java default key
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument...
CVE-2024-10748 Cosmote Greece What's Up App Realm Database RealmDB.java default key
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument...
CVE-2024-10748
Cosmote Greece What’s Up App 4.47.3 (Android) is affected by CVE-2024-10748 in the Realm Database Handler. The issue arises from manipulating the defaultRealmKey in RealmDB.java, causing use of a default cryptographic key. Local access is required; attack complexity is high and exploitation is co...
PT-2024-16512 · Cosmote Greece · Cosmote Greece What'S Up App
Name of the Vulnerable Software and Affected Versions: Cosmote Greece What's Up App version 4.47.3 Description: A problematic issue has been found in the Cosmote Greece What's Up App, affecting the Realm Database Handler component, specifically the file gr/desquared/kmmsharedmodule/db/RealmDB.jav...
CVE-2024-39584
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution...
Rapid7 Insight Agent 安全漏洞
Rapid7 Insight Agent is a lightweight software from Rapid7 USA. The software is capable of collecting data from IT assets. Rapid7 Insight Agent has a security vulnerability that stems from the use of a key that does not follow the principle of least privilege by default, allowing a local attacker...
Helm 安全漏洞
Helm is a Kubernetes package manager. A security vulnerability exists in Helm version 0.1.143 up to and including 0.2.182, which stems from the creation of personal access tokens using a default key...
PT-2024-2477
Name of the Vulnerable Software and Affected Versions datahub-helm versions 0.1.143 through 0.2.181 Description The issue is related to the use of a default cryptographic key in the helm chart for deploying Datahub in a Kubernetes cluster. If there was a successful initial deployment during a...
Security Advisory 0092
Security Advisory 0092 PDF Date: February 20, 2024 Revision | Date | Changes ---|---|--- 1.0 | February 20, 2024 | Initial release CVSSv3.1 Base Score: 9.8 CVSS:3.1AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Common Weakness Enumeration: CWE-1394 Use of default cryptographic key This vulnerability is bein...
Yealink Config Encrypt Tool Security Vulnerability
YeaLink Yealink Config Encrypt Tool is a configuration encryption tool from China YeaLink. A security vulnerability exists in Yealink Config Encrypt Tool versions prior to 1.2, which stems from a possible decryption risk when encrypting Autop deployment files with a default key...
Ubee DDW365 XCNDDW365 Security Vulnerability
Ubee DDW365 XCNDDW365 is a wireless router. A security vulnerability exists in the Ubee DDW365 XCNDDW365. An attacker can exploit this vulnerability to obtain the default WPA2-PSK value by observing beacon frames...
CVE-2023-33221
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...
PT-2023-24231 · Desfire · Desfire
Name of the Vulnerable Software and Affected Versions: DesFire affected versions not specified Description: The function that reads the card isn't properly checking the boundaries when copying internally the data received, allowing a heap-based buffer overflow. This could lead to a potential Remo...