EUVD-2024-46849

Malicious code in bioql PyPI...

CVE-2024-5676

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

Paradox IP150 Internet Module 1.40.00 Cross Site Request Forgery

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Paradox IP150 Internet Module Cross-Site Request Forgery Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01ParadoxCrossSiteRequestForgery Vulnerability Overview The Paradox IP150 Internet Module in version 1.40.00 i...

CVE-2024-5676

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

CVE-2024-5676 Paradox IP150 Internet Module Cross-Site Request Forgery

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

CVE-2024-5676

CVE-2024-5676 affects the Paradox IP150 Internet Module, version 1.40.00. The issue is a Cross-Site Request Forgery (CSRF) vulnerability caused by a lack of countermeasures and the use of HTTP GET to introduce changes in the system. No exploitation details are provided in the supplied documents. ...

CVE-2024-5676 Paradox IP150 Internet Module Cross-Site Request Forgery

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

Paradox IP150 Cross-Site Request Forgery Vulnerability

Paradox IP150 is a communication module from Paradox USA that provides monitoring and management of Paradox devices over the web. The module provides a web interface to monitor and manage connected Paradox devices. A security vulnerability exists in Paradox IP150 version 1.40.00, which stems from...

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on September 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

Paradox IP150 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Paradox Equipment: IP150 Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...