13 matches found
EUVD-2015-5564
Malware in sbrugna...
Qualcomm 芯片输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a transient...
Remote Vulnerabilities in Automobiles
This group has found a ton of remote vulnerabilities in all sorts of automobiles. Its enough to make you want to buy a car that is not Internet-connected. Unfortunately, that seems to be impossible...
Successful Hack of Time-Triggered Ethernet
Time-triggered Ethernet TTE is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it: On Tuesday, researchers published findings that, for the first time, break TTEs isolation guarantees. The result is PCspooF...
lambertautomobiles.be Open Redirect vulnerability
Vulnerable URL: http://www.lambertautomobiles.be/Site/SetCulture.aspx?culture=pl-PL=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 08:27 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly...
automobiles.honda.com XSS vulnerability
Vulnerable URL: http://automobiles.honda.com/tools/dealer-locator/results.aspx?address=a=a="=45344"="="=NEWpFpl1p64MgN4KV Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 21:42 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclos...
Troy Hunt Explains Nissan Leaf Car Hack
Last month, when researcher Troy Hunt argued the dangers of insecure APIs at a security workshop, little did he know hours later he would discover an API vulnerability that allowed remote access to onboard computers of 200,000 Nissan Leaf and eNV200 electric automobiles. “After talking about the...
Authorization
Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles FCA from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related ...
CVE-2015-5611
Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles FCA from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related ...
CVE-2015-5611
Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles FCA from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related ...
automobiles.honda.com XSS vulnerability
Open Bug Bounty ID: OBB-58350 Description| Value ---|--- Affected Website:| automobiles.honda.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...
Podcast: Threatpost Previews Black Hat 2014
In this special edition of the Digital Underground Podcast, Dennis Fisher interviews fellow Threatpost editor Mike Mimoso and also Threatpost reporter Brian Donohue about the Black Hat security conference, which begins this week in Las Vegas. Topics of discussion include Chris Valasek and Charlie...
With Autos At CES, Are Vehicle Hacks Far Behind?
Sometimes news events just come together in a way that opens a window – even if its a kind of cloudy window – onto the future. So it was this week, as stories about a coming generation of wired automobiles collided with some thought-provoking reports on the vulnerability of said cars to tradition...