Lucene search
+L

130 matches found

ICS
ICS
added 2021/05/13 12:0 a.m.116 views

Johnson Controls Sensormatic Tyco AI

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Tyco AI Vulnerability: Off-by-one Error 2. RISK EVALUATION Under specific circumstances, a local attacker could use this vulnerability to obtain super-user access to the underlying...

7.8CVSS8AI score0.99295EPSS
Exploits81References4
ICS
ICS
added 2021/04/29 12:0 a.m.83 views

Johnson Controls Exacq Technologies exacqVision

1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Vulnerability: Off-by-one Error 2. RISK EVALUATION A local attacker could exploit this vulnerability to obtain “Super User” access to the underlying Ubuntu Linux...

7.8CVSS8.1AI score0.99295EPSS
Exploits81References5
ICS
ICS
added 2020/12/08 12:0 a.m.45 views

Medtronic MyCareLink Smart

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink MCL Smart Model 25000 Patient Reader Vulnerabilities: Improper Authentication, Heap-based Buffer Overflow, Time-of-check Time-of-use Race Condition 2...

10CVSS9.1AI score0.03768EPSS
Exploits0References4
ICS
ICS
added 2020/11/17 12:0 a.m.51 views

Johnson Controls Sensormatic Electronics American Dynamics victor Web Client

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely Vendor: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls Equipment: American Dynamics victor Web Client, Software House C•CURE Web Client Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation...

7.1CVSS6.5AI score0.00527EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2020/07/09 2:45 p.m.590 views

CVE-2020-12406

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

9.3CVSS8.6AI score0.0102EPSS
Exploits0
CVE
CVE
added 2020/07/09 2:45 p.m.298 views

CVE-2020-12406

CVE-2020-12406 involves a missing type check during unboxed objects removal in Mozilla code, leading to a crash that could be exploited to run arbitrary code. Affected products/versions from the provided documents include Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR

9.3CVSS8.3AI score0.0102EPSS
Exploits0References5Affected Software3
RedHat Linux
RedHat Linux
added 2020/06/22 9:41 a.m.3 views

Mozilla: JavaScript Type confusion with NativeTypes

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code...

9.3CVSS7.4AI score0.0102EPSS
Exploits0References5
ICS
ICS
added 2020/05/21 12:0 a.m.70 views

Johnson Controls Software House C-CURE 9000 and American Dynamics victor VMS

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: Software House C•CURE 9000 and American Dynamics victor Video Management System Vulnerability: Cleartext Storage of...

9.9CVSS7.7AI score0.0099EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2020/04/08 10:25 a.m.8 views

hotel.jetcost.ie Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1136121 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.7AI score
Exploits0
ICS
ICS
added 2020/03/10 12:0 a.m.50 views

ICSA-20-070-04_Johnson Controls Kantech EntraPass

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Kantech, a subsidiary of Johnson Controls Equipment: EntraPass Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code...

10CVSS9.9AI score0.01602EPSS
Exploits0References2
ICS
ICS
added 2020/03/10 12:0 a.m.57 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Johnson Controls Equipment: Metasys Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability can allow a...

9.1CVSS8.4AI score0.01286EPSS
Exploits0References5
Schneier on Security
Schneier on Security
added 2020/02/24 12:27 p.m.31 views

Russia Is Trying to Tap Transatlantic Cables

The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe. The cables enable millions of people to communicate and allow financi...

2.3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/12/02 2:26 p.m.7 views

New Facebook Tool Let Users Transfer Their Photos and Videos to Google

Facebook has finally started implementing the open source data portability framework as the first phase of 'Data Transfer Project,' an initiative the company launched last year in collaboration with Google, Apple, Microsoft, and Twitter. Facebook today announced a new feature that will allow its...

5.9AI score
Exploits0
ICS
ICS
added 2019/11/07 12:0 a.m.143 views

Medtronic Valleylab FT10 and LS10

1. EXECUTIVE SUMMARY CVSS v3 4.8 ATTENTION: Low skill level to exploit Vendor: Medtronic Equipment: Valleylab FT10, Valleylab LS10 Vulnerabilities: Improper Authentication, Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker to...

4.8CVSS5.2AI score0.00388EPSS
Exploits0References6
ICS
ICS
added 2019/08/15 12:0 a.m.67 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Metasys Vulnerabilities: Reusing a Nonce, Key Pair in Encryption; Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could be leveraged by an...

9.1CVSS8.7AI score0.0082EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2019/07/26 8:17 a.m.2 views

Silk Road Admin Sentenced to 78 Months in Prison On Drug Trafficking Charges

An Irish national has been jailed for six-and-a-half years for his role as one of the administrators and forum moderators who helped run now-defunct dark web marketplace "Silk Road." Gary Davis, 31, of Wicklow, Ireland, was known as 'Libertas' on the Silk Road website, then-largest underground...

6.7AI score
Exploits0
ICS
ICS
added 2019/06/13 12:0 a.m.240 views

Johnson Controls exacqVision Enterprise System Manager

1. EXECUTIVE SUMMARY CVSS v3 6.7 Vendor: Johnson Controls Equipment: exacqVision Enterprise System Manager ESM Vulnerability: Improper Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...

7CVSS6.9AI score0.00735EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2019/05/10 7:16 p.m.4 views

U.S. Charges 9 'SIM Swapping' Attackers For Stealing $2.5 Million

The U.S. Department of Justice today announced charges against nine individuals, 6 of which are members of a hacking group called "The Community" and other 3 are former employees of mobile phone providers who allegedly helped them steal roughly $2.5 million worth of the cryptocurrency using a...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/05/02 10:17 a.m.28 views

Why Isn't GDPR Being Enforced?

Politico has a long article making the case that the lead GDPR regulator, Ireland, has too cozy a relationship with Silicon Valley tech companies to effectively regulate their privacy practices. Despite its vows to beef up its threadbare regulatory apparatus, Ireland has a long history of caterin...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/27 10:35 a.m.2 views

New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches

Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner. Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy...

6.6AI score
Exploits0
Rows per page
Query Builder