Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-23639

Malicious code in bioql PyPI...

5.4CVSS5.1AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-23641

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00332EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-23640

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.0038EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.188 views

Amazon Fire TV YouTube Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Amazon Fire TV YouTube Remote Control', 'Description' = %q This module acts as a simple remote control for the Amazon Fire TV's YouTube app. Test...

7.4AI score
Exploits0
NVD
NVD
added 2023/05/03 1:15 p.m.23 views

CVE-2023-1385

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...

8.8CVSS7.5AI score0.00332EPSS
Exploits0References1
NVD
NVD
added 2023/05/03 1:15 p.m.24 views

CVE-2023-1384

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...

6.1CVSS5.2AI score0.0038EPSS
Exploits0References1
Prion
Prion
added 2023/05/03 1:15 p.m.23 views

Input validation

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...

5.8CVSS8.6AI score0.00332EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/03 1:15 p.m.18 views

Code injection

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...

5.8CVSS6.4AI score0.0038EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/03 12:33 p.m.13 views

CVE-2023-1385

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...

7.1CVSS8.8AI score0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/03 12:33 p.m.31 views

CVE-2023-1385

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...

7.1CVSS8.9AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 12:33 p.m.42 views

CVE-2023-1385

CVE-2023-1385 describes an improper JPAKE implementation that allows offline PIN brute-forcing due to initializing random values to a known value, enabling unauthorized authentication to amzn.lightning services. Affected: Amazon Fire TV Stick 3rd gen before 6.2.9.5 and Insignia TV with FireOS 7.6...

8.8CVSS8.6AI score0.00332EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/05/03 12:16 p.m.12 views

CVE-2023-1383

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with Fire...

5.4CVSS5.4AI score0.00276EPSS
Exploits0References1
Prion
Prion
added 2023/05/03 12:16 p.m.34 views

Input validation

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with Fire...

3.3CVSS4.6AI score0.00276EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/03 12:10 p.m.8 views

CVE-2023-1384

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...

4.3CVSS6.5AI score0.0038EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/03 12:10 p.m.39 views

CVE-2023-1384

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...

4.3CVSS6.6AI score0.0038EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 12:10 p.m.44 views

CVE-2023-1384

The CVE-2023-1384 issue affects Amazon Fire TV Stick 3rd-gen devices (pre-6.2.9.5) and Insignia FireOS TVs (pre-7.6.3.3). The root cause is improper sanitization of the source parameter in the setMediaSource function of the amzn.thin.pl service, which can allow arbitrary JavaScript execution. Rem...

6.1CVSS6.4AI score0.0038EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/03 11:42 a.m.18 views

CVE-2023-1383

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with Fire...

5.4CVSS5.7AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 11:42 a.m.62 views

CVE-2023-1383

CVE-2023-1383 involves an improper enforcement of a behavioral workflow in the exchangeDeviceServices function of the amzn.dmgr service. Public documents specify affected devices: Amazon Fire TV Stick (3rd gen) before 6.2.9.5 and Insignia TV with FireOS before 7.6.3.3. The vulnerability enables a...

5.4CVSS4.6AI score0.00276EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/03 11:42 a.m.12 views

CVE-2023-1383

An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with Fire...

5.4CVSS5.4AI score0.00276EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/03 12:0 a.m.5 views

PT-2023-16945 · Amazon +1 · Amazon Fire Tv Stick +1

Name of the Vulnerable Software and Affected Versions: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5 Insignia TV with FireOS versions prior to 7.6.3.3 Description: An issue with the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are...

5.4CVSS4.6AI score0.00276EPSS
Exploits0References3
Rows per page
Query Builder