59 matches found
CVE-2022-26078
Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue affects: Gallagher Gallagher Controller 6000 vCR8.60 versions prior to 220303a; vCR8.50 versions prior to 220303a; vCR8.40 versions prior to 220303a; vCR8.30...
EUVD-2021-10260
Malware in sbrugna...
EUVD-2021-10303
Malware in sbrugna...
EUVD-2024-20983
Malicious code in bioql PyPI...
EUVD-2023-26601
Malicious code in bioql PyPI...
EUVD-2024-19944
Malicious code in bioql PyPI...
EUVD-2022-30646
Malicious code in bioql PyPI...
Gallagher Controller 7000 信任管理问题漏洞
The Gallagher Controller 7000 is a powerful network connectivity controller from Gallagher New Zealand. A security vulnerability exists in the Gallagher Controller 7000 version 9.30 up to and including vCR9.30.250624a, which stems from improper certificate validation and could result in a denial ...
CVE-2024-23485
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation CWE-1304 in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access. This issue affects: Gallagher Controller 6000 and...
CVE-2024-22387
External Control of Critical State Data CWE-642 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated user to modify device I/O connections leading to unexpected behavior that in some circumstances could compromise site physical security controls. Gallagher...
CVE-2023-22439
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000 optional diagnostic web interface Port 80 can be used to perform a Denial of Service of the diagnostic web interface. This issue affects: Gallagher Controller 6000 and 7000 8.90 prior to vCR8.90.231204a...
CVE-2023-6355
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug. This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b distributed in 9.00.1507 MR1, 8.90 prior to vCR8.90.231204a distributed in...
CVE-2023-24590
A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Controller 6000 leading to a Denial of Service. This issue affects: Gallagher Controller 6000 8.60 prior to vCR8.60.231116a distributed in...
Gallagher Controller 6000和Gallagher Controller 7000 安全漏洞
The Gallagher Controller 6000 and Gallagher Controller 7000 are both products of Gallagher New Zealand.The Gallagher Controller 6000 is an interface between a Gallagher Command Center server and distributed field hardware. The Gallagher Controller 7000 is a powerful network connected controller. ...
Controller 6000和Controller 7000 安全漏洞
The Gallagher Controller 6000 and Gallagher Controller 7000 are both products of Gallagher New Zealand.The Gallagher Controller 6000 is an interface between a Gallagher Command Center server and distributed field hardware. The Gallagher Controller 7000 is a powerful network connected controller. ...
Controller 6000和Controller 7000 安全漏洞
The Gallagher Controller 6000 and Gallagher Controller 7000 are both products of Gallagher New Zealand.The Gallagher Controller 6000 is an interface between a Gallagher Command Center server and distributed field hardware. The Gallagher Controller 7000 is a powerful network connected controller. ...
CVE-2024-23485
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation CWE-1304 in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access. This issue affects: Gallagher Controller 6000 and...
CVE-2024-22387
External Control of Critical State Data CWE-642 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated user to modify device I/O connections leading to unexpected behavior that in some circumstances could compromise site physical security controls. Gallagher...
CVE-2024-23485
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation CWE-1304 in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access. This issue affects: Gallagher Controller 6000 and...
CVE-2024-23485
CVE-2024-23485 affects Gallagher Controller 6000 and 7000. Root cause: improper preservation of hardware configuration state during a power save/restore operation, which can cause Aperio-connected door locks to momentarily allow free access. Affected versions span 8.60 and prior; 8.70 prior to vC...