22 matches found
EUVD-2022-35581
Malicious code in bioql PyPI...
EUVD-2022-35577
Malicious code in bioql PyPI...
EUVD-2022-35578
Malicious code in bioql PyPI...
EUVD-2022-35579
Malicious code in bioql PyPI...
CVE-2022-32505
An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4...
CVE-2022-32509
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2...
CVE-2022-32506
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...
CVE-2022-32509
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2...
CVE-2022-32505
An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4...
CVE-2022-32504
An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. Th...
CVE-2022-32505
An issue was discovered on certain Nuki Home Solutions devices. It is possible to send multiple BLE malformed packets to block some of the functionality and reboot the device. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4...
CVE-2022-32506
Summary: CVE-2022-32506 relates to Nuki Smart Lock firmware where the root cause involves BLE command access that can be misused. Connected document details (RH entry) describe that some BLE commands, which should be restricted to privileged accounts, could be invoked by unprivileged accounts. Af...
CVE-2022-32506
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...
CVE-2022-32507
CVE-2022-32507 involves a vulnerability in certain Nuki Home Solutions devices where BLE commands that should require privileged access could be invoked by unprivileged accounts due to missing access controls across account types. Affected products: Nuki Smart Lock 3.0 prior to 3.3.5 and Nuki Sma...
CVE-2022-32504
Technical details for CVE-2022-32504 are not publicly provided in the supplied documents. No concrete exploit, impact, or remediation information is present here. Monitor for updates.
CVE-2022-32509
Technical details for CVE-2022-32509 are not publicly available in the provided documents. No specific affected versions, root cause, impact, or fixes are described here; monitor official advisories for updates.
CVE-2022-32509
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2...
PT-2024-11573 · Nuki · Nuki Bridge V2 +2
Name of the Vulnerable Software and Affected Versions: Nuki Smart Lock versions 3.0 through 3.3.5 Nuki Bridge v1 versions 1.0 through 1.22.0 Nuki Bridge v2 versions 2.0 through 2.13.2 Description: An issue was discovered on certain Nuki Home Solutions devices, where lack of certificate validation...
PT-2024-11568 · Nuki · Keyturner +2
Name of the Vulnerable Software and Affected Versions: Nuki Smart Lock versions 3.0 through 3.3.4 Nuki Smart Lock versions 2.0 through 2.12.3 Nuki Bridge versions 1.0 through 1.21.9 Nuki Bridge versions 2.0 through 2.13.1 Description: An issue was discovered in certain Nuki Home Solutions devices...
PT-2024-11571 · Nuki · Nuki Smart Lock 2.0 +1
Name of the Vulnerable Software and Affected Versions: Nuki Smart Lock 3.0 versions 3.0 through 3.3.4 Nuki Smart Lock 2.0 versions 2.0 through 2.12.3 Description: An issue was discovered on certain Nuki Home Solutions devices, where some BLE commands could be called from unprivileged accounts,...