28 matches found
EUVD-2022-35581
Malicious code in bioql PyPI...
EUVD-2022-35580
Malicious code in bioql PyPI...
EUVD-2022-35576
Malicious code in bioql PyPI...
CVE-2022-32509
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2...
CVE-2022-32506
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...
CVE-2022-32508
An issue was discovered on certain Nuki Home Solutions devices. By sending a malformed HTTP verb, it is possible to force a reboot of the device. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2...
CVE-2022-32509
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2...
CVE-2022-32506
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...
CVE-2022-32504
An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. Th...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the presence of a stack buffer overflow that can be exploited by an attacker to execute...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions prior to Nuki Bridge v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that an attacker may be able to connect to the device and...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from a failure to implement access control for different BLE commands for different accounts...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from an attacker being able to use debugging functionality to control the execution of code o...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions of Nuki Bridge prior to v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad prior to v1.9.2, which stems from a lack of certificate validation for HTTP communications, allowing an...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that sending an incorrectly formatted HTTP verb can force a device to reboot...
vNuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions prior to Nuki Bridge v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the presence of a buffer overflow that allows remote code execution...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that sending multiple incorrectly-formatted packets can prevent certain functio...
Nuki Bridge 安全漏洞
Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in Nuki Bridge v1.x prior to v1.22.0 and v2.x prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from a publicly available HTTP API that uses an unencrypted channel to provide a management...
CVE-2022-32506
Summary: CVE-2022-32506 relates to Nuki Smart Lock firmware where the root cause involves BLE command access that can be misused. Connected document details (RH entry) describe that some BLE commands, which should be restricted to privileged accounts, could be invoked by unprivileged accounts. Af...
CVE-2022-32510
An issue in Nuki Bridge where the HTTP API admin interface was exposed over an unencrypted channel, allowing an attacker who can access the network to eavesdrop a token and impersonate a legitimate user to access the full API. Affected: Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2. Root caus...