56 matches found
Genians Genian NAC 安全漏洞
Genians Genian NAC is a network security and access control software from Genians Korea. It helps organizations identify IP-enabled devices, manage vulnerabilities and check device configurations to protect network access environments. A security vulnerability exists in Genians Genian NAC that...
PT-2023-23304 · Sick · Sick Eventcam App
Name of the Vulnerable Software and Affected Versions: SICK EventCam App affected versions not specified Description: A remote unprivileged attacker can intercept communication via Man-In-The-Middle attacks due to the absence of Transport Layer Security TLS in the app. This lack of encryption can...
CVE-2023-28045
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data...
Sielco PolyEco1000 授权问题漏洞
Sielco PolyEco1000 is an environmental monitoring and control system from Sielco designed to monitor and control data on water quality, meteorology, gas concentrations, energy management and environmental parameters. A security vulnerability exists in Sielco PolyEco1000 that stems from the...
The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the FortiMail IBE Identity-Based Encryption service of the FortiMail email protection system lies in the lack of encryption measures for protected data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected informati...
Design/Logic Flaw
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are vulnerable to replay attacks...
The vulnerability of the microprogramming software of the Simatic Ident industrial identification and positioning system, due to the lack of encryption, allows attackers to gain access to the data.
The vulnerability of the microprogramming software in Simatic Ident system-based industrial identification and positioning systems is related to the lack of encryption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to data transmitted between the...
Medtronic's Implantable Defibrillators Vulnerable to Life-Threatening Hacks
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a...
The vulnerability of the microprogramming software used in Moxa EDS and IKS switches allows a intruder to gain unauthorized access to protected information.
The vulnerability of Microprogrammed Software in Moxa EDS and IKS switches stems from the lack of encryption measures for protected data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the identification and access control system of IBM Cloud Private allows a perpetrator to expose protected information.
The vulnerability of the IBM Cloud Private storage access identification and management system arises from the lack of encryption measures for protected data. Exploiting this vulnerability could allow attackers to disclose protected information...
TeleGrab Malware Steals Telegram Desktop Messaging Sessions, Steam Credentials
Recently discovered malware steals cache data and secure messaging sessions from the desktop version of encrypted messaging service Telegram. The malware, dubbed TeleGrab, leverages weak default settings in the design of Telegram’s desktop version along with the desktop’s lack of support for Secr...
KeySniffer Lets Hackers Steal Keystrokes from Wireless Keyboards
Radio-based wireless keyboards and mice that use a special USB dongle to communicate with your PC can expose all your secrets – your passwords, credit card numbers and everything you type. Back in February, researchers from the Internet of things security firm Bastille Networks demonstrated how...
Sierra Wireless industrial gateways security vulnerabilities
A wireless gateway suitable for a number of industrial applications is vulnerable to remote exploit because of a lack of encryption in its update and reprogramming processes, an advisory from the Industrial Control Systems Cyber Emergency Response Team said yesterday. The Sierra Wireless AirLink...
#Blackhat Conference : Square Mobile Gadget allows to Hack Credit Cards
Blackhat Conference : Square Mobile Gadget allows to Hack Credit Cards Researchers at the Black Hat security conference today revealed two ways the Square payment system , which turns any iPhone, iPad or Android into a point-of-sale credit card processor, could be used for fraud. Square a mobile...
Hi5.com XSS / XSRF / URL Redirection / Lack Of Encryption
============================================= INTERNET SECURITY AUDITORS ALERT 2010-11 - Original release date: 29th October 2010 - Last revised: 1st May 2011 - Discovered by: Eduardo Garcia Melia - Severity: 7.8/10 CVSSv2 Base Scored ============================================= I. VULNERABILITY...
CVE-2001-0133
CVE-2001-0133 affects Interscan VirusWall 3.6.x and earlier. The web administration interface reportedly does not use encryption, enabling remote attackers to obtain the administrator password by sniffing credentials sent during login or via setpasswd.cgi and other HTTP GET requests that transmit...