31 matches found
CVE-2025-65408
A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted ADTS file...
EUVD-2020-29012
Malware in sbrugna...
Malicious code in shopify-adt (npm)
The package shopify-adt was found to contain malicious code...
MAL-2025-33112 Malicious code in shopify-adt (npm)
The package shopify-adt was found to contain malicious code...
Security company ADT announces security breach of customer data
Electronic surveillance equipment provider ADT filed a form 8-K with the Security and Exchange Commision SEC to report “a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information.” An 8-K is a report of unscheduled...
Malicious code in adt-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e95d61525e6c36a296c2d14cd22f5474e59db5ed89e969279b3127d99f61a5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-874 Malicious code in adt-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e95d61525e6c36a296c2d14cd22f5474e59db5ed89e969279b3127d99f61a5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
adt-netzwerk.de Cross Site Scripting vulnerability OBB-2646015
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
A week in security (June 14 – June 20)
Last week on Malwarebytes Labs: How to delete your Instagram account. Working from home? You’re probably being spied on. Another one bites the dust: Avaddon ransomware group shuts down operation. Patch now! Apple fixes in-the-wild iPhone vulnerabilities. Windows 10 to retire in four years or 52...
Yandex Employee Caught Selling Access to Users' Email Inboxes
Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users. The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users' mailboxes for...
CVE-2020-8101
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. This issue affects: ADT LifeShield DIY HD Video Doorbell version...
Command injection
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. This issue affects: ADT LifeShield DIY HD Video Doorbell version...
CVE-2020-8101 Command execution due to unsanitized input in LifeShield DIY HD Video Doorbell
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. This issue affects: ADT LifeShield DIY HD Video Doorbell version...
CVE-2020-8101
CVE-2020-8101 affects ADT LifeShield DIY HD Video Doorbell (likely firmware 1.0.02R09 and earlier). The flaw is an HTTP-interface command-injection due to unsanitized input, enabling local attackers on the same network to inject commands and potentially gain root access. The issue also allows unp...
ADT LifeShield DIY HD Video Doorbell Command Injection Vulnerability
ADT LifeShield DIY HD Video Doorbell is a doorbell monitoring system from ADT Corporation. A security vulnerability exists in ADT LifeShield DIY HD Video Doorbell version 1.0.02R09 and prior versions, which can be exploited by an attacker on the same network to execute commands on the device...
ADT Security Camera Flaws Open Homes to Eavesdropping
UPDATE Researchers have publicly disclosed security flaws found in ADT-owned LifeShield security cameras, which, if exploited, could have allowed a local attacker to eavesdrop on victims’ conversations or tap into a live video feed. The LifeShield brand is owned by security giant ADT. Specificall...
Warning Issued Over Hackable ADT's LifeShield Home Security Cameras
Newly discovered security vulnerabilities in ADT's Blue formerly LifeShield home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities tracked as CVE-2020-8101 were identified in the video doorbell camera by Bitdefender researchers in February 2020...
Warning Issued Over Hackable ADT's LifeShield Home Security Cameras
Newly discovered security vulnerabilities in ADT's Blue formerly LifeShield home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities tracked as CVE-2020-8101 were identified in the video doorbell camera by Bitdefender researchers in February 2020...
ADT Tech Hacks Home-Security Cameras to Spy on Women
Former ADT employee Telesforo Aviles took note when there were attractive women at a home he serviced in the Dallas area. Then he would add his personal email address to their accounts so he could have around-the-clock access to their most private moments, according to the U.S. Attorneys’ Office...
R7-2016-23, R7-2016-26, R7-2016-27: Multiple Home Security Vulnerabilities
Executive Summary In October of 2016, former Rapid7 researcher Phil Bosco discovered a number of relatively low-risk vulnerabilities and issues involving home security systems that are common throughout the United States, and which have significant WiFi or Ethernet capabilities. The three systems...