174 matches found
Design/Logic Flaw
An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266NONOSSDK devices through 3.0.3, and ESP8266RTOSSDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encrypti...
CVE-2020-12638
An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266NONOSSDK devices through 3.0.3, and ESP8266RTOSSDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encrypti...
CVE-2020-12638
The CVE affects Espressif IoT SDKs: ESP-IDF up to 4.2, ESP8266_NONOS_SDK up to 3.0.3, and ESP8266_RTOS_SDK up to 3.3. A forged-beacon-frame exploit forces a device to switch its authentication mode to OPEN, effectively disabling 802.11 encryption. The underlying issue is an encryption bypass trig...
7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years
A cybersecurity researcher today uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports. Collectively dubbed 'ThunderSpy,' the vulnerabilities can be exploited in 9 realisti...
DEBIAN-CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
PYSEC-2019-197
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
PT-2019-6881 · Openstack · Python-Keystoneclient
Name of the Vulnerable Software and Affected Versions: python-keystoneclient versions 0.2.3 through 0.2.5 Description: The issue concerns a middleware memcache encryption bypass in the python-keystoneclient. No information is provided about the estimated number of potentially affected devices or...
CVE-2016-10761
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...
CVE-2019-13053
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...
CVE-2016-10761
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...
Sql injection
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...
Sql injection
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...
CVE-2019-13053
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...
CVE-2016-10761
CVE-2016-10761 affects Logitech Unifying devices prior to 2016-02-26, enabling keystroke injection and bypassing encryption (MouseJack). The NVD entry lists low to medium severity (CVSS v2 base 3.3, CVSS v3 base 6.5) with adjacent, low-complexity exploitation and no user interaction required. Pub...
CVE-2016-10761
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack...
Tzumi Electronics Klic Lock Authentication Bypass
CVE-2019-11334 MIT License Copyright c 2019 Kerry Enfinger Python program to unlock any Tzumi Klic smart locks Model 5686 Firmware 6.2 May work on other smart locks Requires valid account email and password from Klic mobile application import argparse import requests import json from subprocess...
CVE-2018-10694
The CVE-2018-10694 issue affects Moxa AWK-3121 (version 1.14). The root cause is an open, unencrypted Wi‑Fi setup by default, enabling an attacker on the same network to sniff traffic between a user’s computer and the device, potentially stealing credentials over HTTP and TELNET, and performing M...