CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSRAM SYLVANIA Osram Lightify Pro is an open IoT platform for automated control of lighting devices from OSRAM Germany. A security vulnerability exists in OSRAM SYLVANIA Osram Lightify Pro 2016-07-26 and prior versions. An attacker can exploit the vulnerability to obtain and re-execute used...

7.5CVSS6.9AI score0.00487EPSS

Exploits2References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5057

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning...

7.5CVSS5.8AI score0.00487EPSS

Exploits1References1

OSV•added 2017/04/10 3:59 a.m.•3 views

CVE-2016-5056

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...

7.5CVSS5.8AI score0.00487EPSS

Exploits1References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5059

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application...

6.5CVSS5.8AI score0.00487EPSS

Exploits2References1

OSV•added 2017/04/10 3:59 a.m.•2 views

CVE-2016-5055

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

6.1CVSS5.8AI score0.00487EPSS

Exploits1References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5058

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

7.5CVSS5.8AI score0.00487EPSS

Exploits1References1

NVD•added 2017/04/10 3:59 a.m.•10 views

CVE-2016-5057

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning...

7.5CVSS7.6AI score0.0031EPSS

Exploits1References1

NVD•added 2017/04/10 3:59 a.m.•10 views

CVE-2016-5058

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

7.5CVSS7.6AI score0.00259EPSS

Exploits1References1

Prion•added 2017/04/10 3:59 a.m.•15 views

Code injection

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

4.3CVSS6.3AI score0.00487EPSS

Exploits2References1

Prion•added 2017/04/10 3:59 a.m.•9 views

Design/Logic Flaw

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application...

4CVSS6.5AI score0.00487EPSS

Exploits2References1

Cvelist•added 2017/04/10 3:0 a.m.•13 views

CVE-2016-5059

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application...

6.2AI score0.00237EPSS

Exploits1References1

Cvelist•added 2017/04/10 3:0 a.m.•16 views

CVE-2016-5057

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning...

7.6AI score0.0031EPSS

Exploits1References1

Cvelist•added 2017/04/10 3:0 a.m.•21 views

CVE-2016-5058

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

7.6AI score0.00259EPSS

Exploits1References1

CVE•added 2017/04/10 3:0 a.m.•38 views

CVE-2016-5058

CVE-2016-5058 references OSRAM SYLVANIA Osram Lightify Pro/Lightify Home. Connected CNVD data reveals a MITM vulnerability in Lightify Home due to the program’s failure to use SSL pinning, affecting versions 2016-07-26 and earlier. An attacker could intercept SSL/TLS traffic and capture encrypted...

7.5CVSS7.5AI score0.00259EPSS

Exploits1References1Affected Software1

CVE•added 2017/04/10 3:0 a.m.•45 views

CVE-2016-5059

CVE-2016-5059 involves OSRAM SYLVANIA Osram Lightify Home. The CNVD entry (CNVD-2017-12298) describes it as a vulnerability in versions up to 2016-07-26 where the application fails to implement SSL pinning, enabling a man-in-the-middle attacker to intercept SSL/TLS traffic from the affected syste...

6.5CVSS6.2AI score0.00237EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by