CVE-2024-41276

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...

CVE-2024-41276

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...

PT-2024-28903 · Shenzhen Libituo Technology Co. · Lbt-T300-T400

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 version 3.2 Description: A stack overflow issue was discovered via the pin 3g code parameter in the config 3g para function. Recommendations: For version 3.2, avoid using the pin 3g code...

PT-2024-4355 · NetGear · Netgear Wnr614 N300

Name of the Vulnerable Software and Affected Versions: Netgear WNR614 N300 version JNR1010V2/N300-V1.1.0.54 1.0.1 Description: The issue is related to the implementation of the WPS in the Netgear WNR614 N300 router, which allows attackers to gain access to the router's pin. This can enable a remo...

RHEL 9 : bluez (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: impersonation attack in Bluetooth Mesh Provisioning CVE-2020-26560 - bluez: BlueZ allows physical...

CVE-2024-33788

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint...

CVE-2024-29244

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pincode3g parameter at /apply.cgi...

CVE-2024-29244

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pincode3g parameter at /apply.cgi...

PT-2024-22839 · Shenzhen Libituo Technology Co. · Lbt-T300-Mini

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-mini version 1.2.9 Description: A buffer overflow issue was discovered via the pin code 3g parameter at the "/apply.cgi" API endpoint. Recommendations: For version 1.2.9, avoid using the pin code ...

Shenzhen Libituo Technology LBT-T300-mini 安全漏洞

The Shenzhen Libituo Technology LBT-T300-mini is a mini-plug-in router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-mini v1.2.9, which is caused by a buffer overflow in the pincode3g parameter in /apply.cgi...

CVE-2024-26131

Element Android is an Android Matrix Client. Element Android version 1.4.3 through 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activity by passing some extra parameters. Possible impact includes making Element Android display an...

CVE-2023-49790 App PIN code can be bypassed in Nextcloud Files iOS

The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workaroun...

PT-2023-31352

Name of the Vulnerable Software and Affected Versions Nextcloud iOS Files app versions prior to 4.9.2 Description The issue affects the Nextcloud iOS Files app, which is used to interact with the Nextcloud self-hosted productivity platform. It allows the application to be used without providing t...

App PIN code can be bypassed in Files iOS

None...

CVE-2023-33092

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size...

Memory corruption

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size...

PT-2023-24182 · Bluetooth · Bluetooth

Name of the Vulnerable Software and Affected Versions: Bluetooth affected versions not specified Description: The issue is related to memory corruption that occurs while processing a pin reply in Bluetooth. This happens when the pin code received from the APP layer exceeds the expected size...

Updated kernel-linus packages fix security vulnerabilities

This kernel update is based on upstream 6.5.11 and fixes or adds mitigations for at least the following security issues: A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue ma...

Motorola MR2600 License Issues Vulnerability

The Motorola MR2600 is a wireless router from Motorola. An authorization issue vulnerability previously existed in the Motorola MR2600 v1.0.18, which stemmed from a brute-force cracking of the WPS PIN code when in range of a wireless network, allowing unauthorized access to the wireless network...

CVE-2022-40725

PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be exploited to bypass the maximum PIN attempts permitted before the time-based lockout is activated...