CVE-2018-9149

The Zyxel Multy X AC3000 Tri-Band WiFi System device doesn't use a suitable mechanism to protect the UART. After an attacker dismantles the device and uses a USB-to-UART cable to connect the device, he can use the 1234 password for the root account to login to the system. Furthermore, an attacker...

Bluefin (Ingenico) IPP320 failing to communicate with Sage Exchange Desktop via ICA Channel Serial COM Port

Serial COM port redirected device Bluefin Ingenico IPP320 with encryption, fails to complete the communication with the Sage Payment Solutions...

Huawei IPTV STB Authentication Bypass Vulnerability

Huawei IPTV STB is an internet set-top box product from Huawei, a Chinese company. An authentication bypass vulnerability exists in Huawei IPTV STB version V100R003C01LMYTa6SPC001. The vulnerability can be exploited to bypass authentication and watch channels for free by accessing the serial...

CVE-2017-8176

Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view...

Authentication flaw

Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view...

CVE-2017-8176

Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view...

CVE-2017-8176

Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view...

CVE-2017-8176

CVE-2017-8176 pertains to Huawei IPTV STB (earlier than V100R003C01LMYTa6SPC001). The vulnerability is an authentication bypass that could be exploited to access the device’s serial interface and modify configuration, potentially enabling viewing channels for free. Affected component/condition: H...

CVE-2017-18232

The Serial Attached SCSI SAS implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service deadlock by triggering certain error-handling code...

CVE-2017-18232

The Serial Attached SCSI SAS implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service deadlock by triggering certain error-handling code...

Linux kernel denial of service vulnerability (CNVD-2018-06401)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the Serial Attached SCSI SAS implementation in Linux kernel 4.15.9 and earlier versions, which stems from a program's failure to...

Fuzzing and Data Manipulation Framework: Fuddly

Among the variety of complementary approaches used in the security evaluation of a target e.g. , software, an embedded equipment, etc. , fuzz testing—abbreviated fuzzing —is widely recognized as an effective means to help discovering security weaknesses in a target. Fuzzing is a software testing...

Logic design flaws in Kenda Renko 485 devices

RS485 temperature and humidity logger/temperature and humidity controller The transmitter is widely used in communication rooms, warehouses and buildings, as well as self-control and other places where temperature and humidity monitoring is required, the input power supply within the sensor, the...

USN-3583-1: Linux kernel vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System f2fs in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0750 It...

Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - Lenovo Support US

No description provided...

Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - US

Lenovo Security Advisory: LEN-16095 Potential Impact: An attacker could gain access to the switch management interface, permitting settings changes that could result in exposing traffic passing through the switch, subtle malfunctions in the attached infrastructure, and partial or complete denial ...

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

CVE-2018-7259

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the networ...

UBUNTU-CVE-2017-16914

The "stubsendretsubmit" function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service NULL pointer dereference via a specially crafted USB over IP packet...