Lucene search
K

271 matches found

CNNVD
CNNVD
added 2023/01/13 12:0 a.m.4 views

NVIDIA DGX 访问控制错误漏洞

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in NVIDIA DGX Station. An attacker exploiting this vulnerability could read, write, and erase flash memory, resulting in code execution, privilege escalation, denial of service...

8.2CVSS7.8AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2022/12/26 5:15 a.m.6 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

4.6CVSS5.8AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2022/12/26 5:15 a.m.35 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

4.6CVSS0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/26 12:0 a.m.31 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

5.1AI score0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/26 12:0 a.m.8 views

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

6.9AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2022/12/26 12:0 a.m.65 views

CVE-2022-24120

CVE-2022-24120 affects General Electric Renewable Energy iNET and iNET II radios (prior to firmware 8.3.0). The root cause is plaintext (cleartext) storage of credentials in the device flash memory, exposing sensitive data on affected systems. Impact is confidentiality risk (C:H) with vector like...

4.6CVSS4.8AI score0.00184EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/12/13 4:15 p.m.4 views

CVE-2022-46142

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords...

5.2CVSS5.8AI score0.00262EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.32 views

CVE-2022-46142

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords...

5.7CVSS6.2AI score0.00262EPSS
Exploits0References2
CVE
CVE
added 2022/12/13 12:0 a.m.97 views

CVE-2022-46142

CVE-2022-46142 affects Siemens RUGGEDCOM and SCALANCE devices. CLI passwords are stored in flash memory in an encrypted/recoverable form, so attackers with physical access could retrieve and decrypt them. Root cause: storing CLI passwords in flash; impact: confidentiality high; exploitation requi...

5.7CVSS5.3AI score0.00262EPSS
Exploits0References2Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2022/11/01 7:25 p.m.27 views

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3

Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. In our previous posts, we covered how to achieve access to flash memory and how to extract file system data from the device. In this post, we'll cover how to modify the data we've extracted. Modify extracted file...

0.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/10/25 5:40 p.m.34 views

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2

Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. Last week, we covered the basics of the exercise and achieving access to flash memory. In this post, we'll cover how to extract partition data. Extracting partition data The next step in our hands-on IoT hacking...

7.3AI score
Exploits0
NVD
NVD
added 2022/08/11 2:15 a.m.11 views

CVE-2022-38161

The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA...

7.5CVSS0.00573EPSS
Exploits0References3
Prion
Prion
added 2022/08/11 2:15 a.m.16 views

Unrestricted file upload

The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA...

4.3CVSS7.6AI score0.00573EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/08/11 1:36 a.m.59 views

CVE-2022-38161

The CVE-2022-38161 entry concerns the Gumstix Overo SBC on the VSKS board (used in Orlan-10 and others) with risk through 2022-08-09. Concrete detail: an unrestricted remapping of the NOR flash memory that contains the FPGA bitstream is possible, enabling potential integrity/availability risks to...

7.5CVSS7.6AI score0.00573EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/08/11 1:36 a.m.17 views

CVE-2022-38161

The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA...

7.8AI score0.00573EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/11 12:0 a.m.6 views

PT-2022-24248 · Gumstix · Gumstix Overo Sbc

Name of the Vulnerable Software and Affected Versions: Gumstix Overo SBC on the VSKS board through 2022-08-09 Description: The issue allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA, as used on the Orlan-10 and other platforms. Recommendations: For Gumst...

7.5CVSS7.4AI score0.00573EPSS
Exploits0References5
CNVD
CNVD
added 2022/07/22 12:0 a.m.22 views

Oracle ZFS Storage Appliance Input Validation Error Vulnerability

Oracle ZFS Storage Appliance is a storage appliance that supports flash memory, petabyte file storage and built-in Oracle database from Oracle USA. A security vulnerability exists in Oracle ZFS Storage Appliance Kit version 8.8, which stems from a vulnerability that allows an elevated-privilege...

8.2CVSS7.8AI score0.00273EPSS
Exploits0References1
OSV
OSV
added 2022/06/09 11:15 p.m.3 views

CVE-2017-20025

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be launched remotely. Upgrading to version...

9.8CVSS5.3AI score0.0102EPSS
Exploits1References2
NVD
NVD
added 2022/06/09 11:15 p.m.16 views

CVE-2017-20025

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be launched remotely. Upgrading to version...

9.8CVSS0.0102EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/09 10:36 p.m.4 views

CVE-2017-20025 Solare Solar-Log Flash Memory privileges management

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be launched remotely. Upgrading to version...

7.3CVSS9.8AI score0.0102EPSS
Exploits1References2
Rows per page
Query Builder