FaceSentry Access Control System 6.4.8 Cleartext Password Storage

FaceSentry Access Control System 6.4.8 Cleartext Password Storage Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 build 539 Algorithm A14 Summary: FaceSentry 5AN is a...

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware...

CVE-2019-6965

An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter...

i-doit 1.12 - 'qr.php' Cross-Site Scripting

Exploit Title: i-doit 1.12 Cross Site Scripting on qr.php file Date: 28-03-2019 Software Link: https://www.i-doit.org/ Version: 1.12 Exploit Author: BlackFog Team Contact: [email protected] Website: https://securelayer7.net Category: webapps Tested on: Firefox in Kali Linux. CVE: CVE-2019-696...

Part 1: Mobile Banking and Buying – The Good and the Bad

Banking and buying with your mobile device is powerful and convenient—and in some ways safer than using your bank card. You can check your balance, make secure payments, deposit checks, and transfer funds. You can even connect your debit or credit card to Apple or Google Pay or another payment...

Fedora 29 : phpMyAdmin (2019-09ae31d880)

Upstream announcement: Security fix: phpMyAdmin 4.8.5 is released The phpMyAdmin team announces the release of phpMyAdmin version 4.8.5. Among other bug fixes, this contains several important security fixes. Upgrading is highly recommended for all users. The security fixes involve : - Arbitrary...

Razy in search of cryptocurrency

Last year, we discovered malware that installs a malicious browser extension on its victim's computer or infects an already installed extension. To do so, it disables the integrity check for installed extensions and automatic updates for the targeted browser. Kaspersky Lab products detect the...

Yi Home Camera Code Execution Vulnerability (CNVD-2018-22811)

Yi Home Camera is an IoT home camera sold worldwide. A code execution vulnerability exists in the QR code scanning feature of Yi Home Camera 27US 1.8.7.0D. The vulnerability can be exploited by an attacker to cause a buffer overflow via a specially crafted QR code, which can be used for code...

Yi Home Camera Code Execution Vulnerability (CNVD-2018-22812)

Yi Home Camera is an IoT home camera sold worldwide. A code execution vulnerability exists in the QR code scanning feature of Yi Home Camera 27US 1.8.7.0D. The vulnerability can be exploited by an attacker to cause a buffer overflow via a specially crafted QR code, which can be used for code...

Buffer overflow

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

CVE-2018-3899

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

Buffer overflow

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

CVE-2018-3898

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

CVE-2018-3899

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

CVE-2018-3898

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

CVE-2018-3898

Summary (concrete details from provided sources): CVE-2018-3898 affects the Yi Home Camera 27US running version 1.8.7.0D. The vulnerability exists in the QR code scanning path (trans_info), where a specially crafted QR code can cause a buffer overflow (buffer size 0x104) by overflowing the ssid_d...

CVE-2018-3899

CVE-2018-3899 affects Yi Technology Home Camera 27US 1.8.7.0D QR code scanning. A crafted QR code can trigger a buffer overflow in trans_info during parsing of the fields for password and SSID, overwriting the return address and enabling code execution. The issue is documented as a QR code trans_...

PT-2018-16291 · Yi · Yi Home Camera

Name of the Vulnerable Software and Affected Versions: Yi Home Camera 27US version 1.8.7.0D Description: An exploitable code execution issue exists in the QR code scanning functionality. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans info call can...

PT-2018-16292 · Yi · Yi Home Camera

Name of the Vulnerable Software and Affected Versions: Yi Home Camera 27US version 1.8.7.0D Description: An exploitable code execution issue exists in the QR code scanning functionality. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans info call can...

CVE-2018-3900

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability...