Lucene search
K

496 matches found

CVE
CVE
added 2024/09/28 6:10 a.m.54 views

CVE-2024-23958

CVE-2024-23958 affects Autel MaxiCharger AC Elite Business C50 with a BLE vulnerability in the BLE AppAuthenRequest handler that uses hardcoded credentials as a fallback. This allows network-adjacent attackers to bypass authentication on affected charging stations. The NVD entry lists a high base...

8.8CVSS7AI score0.00796EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/28 6:10 a.m.39 views

CVE-2024-23958 Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Authentication is not requir...

6.5CVSS0.00796EPSS
Exploits0References1
Veracode
Veracode
added 2024/09/16 9:10 a.m.11 views

Heap-based Buffer Overflow

libzephyr.so is vulnerable to a Heap-based Buffer Overflow. The vulnerability is due to inadequate validation of buffer lengths in BLE connection update operations, which could lead to a divide by zero condition...

7.6CVSS6.9AI score0.00437EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2024/09/16 7:15 a.m.30 views

CVE-2024-1578

The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration...

5.3CVSS0.00204EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.5 views

rf IDEAS MiCard PLUS Ci和MiCard PLUS BLE 安全漏洞

The rf IDEAS MiCard PLUS Ci and rf IDEAS MiCard PLUS BLE are both a card reader from rf IDEAS, Inc. in the USA. A security vulnerability exists in the rf IDEAS MiCard PLUS Ci and MiCard PLUS BLE that stems from a firmware failure that results in the assignment of an incorrect ID card number durin...

5.3CVSS6.8AI score0.00204EPSS
Exploits0References3
NVD
NVD
added 2024/09/03 2:15 p.m.11 views

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

5.1CVSS0.00658EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/03 12:0 a.m.22 views

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

6.9AI score0.00658EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/03 12:0 a.m.23 views

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

0.00658EPSS
Exploits0References3
CVE
CVE
added 2024/09/03 12:0 a.m.49 views

CVE-2024-34463

The CVE-2024-34463 vulnerability affects BPL Medical Technologies’ PWS-01BT devices and Be Well Android app, with sensitive data sent in unencrypted BLE packets and lacking authentication/integrity protection. Connected sources (Red Hat, CISA ICS) confirm cleartext transmission and potential inte...

5.1CVSS6.9AI score0.00658EPSS
Exploits0References3
NVD
NVD
added 2024/08/21 4:15 p.m.24 views

CVE-2024-7795

Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 EV chargers...

8.8CVSS0.00533EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/21 4:2 p.m.35 views

CVE-2024-7795 Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 EV chargers...

8.8CVSS0.00533EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/21 4:2 p.m.18 views

CVE-2024-7795 Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 EV chargers...

8.8CVSS7.8AI score0.00533EPSS
Exploits0References1
CVE
CVE
added 2024/08/21 4:2 p.m.59 views

CVE-2024-7795

Autel MaxiCharger AC Elite Business C50 EV chargers are affected by CVE-2024-7795. The vulnerability lies in handling of the AppAuthenExchangeRandomNum BLE command, where insufficient validation of the length of user-supplied data copied into a fixed-length stack buffer can allow a network-adjace...

8.8CVSS9AI score0.00533EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2024/07/12 12:0 a.m.8 views

Google Android Authentication Bypass Vulnerability (CNVD-2024-33528)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an authentication bypass vulnerability that stems from an incorrect protocol implementation in the smpprocrand method of the smpact.cc file, which can be exploited by an attacker to potentially...

8.8CVSS6.9AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2024/07/10 1:15 a.m.17 views

CVE-2024-32670

Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0.20.04 allows attackes to potentially identify the tag's location by scanning the BLE adversting...

7CVSS0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/10 12:20 a.m.22 views

CVE-2024-32670

Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0.20.04 allows attackes to potentially identify the tag's location by scanning the BLE adversting...

7CVSS0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/10 12:20 a.m.15 views

CVE-2024-32670

Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0.20.04 allows attackes to potentially identify the tag's location by scanning the BLE adversting...

7CVSS6.8AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2024/07/10 12:20 a.m.62 views

CVE-2024-32670

The CVE-2024-32670 entry relates to Samsung Galaxy SmartTag2 prior to version 0.20.04. The root cause is exposure of sensitive information via BLE advertising, which can allow an attacker to potentially identify the tag’s location. Affected product: Samsung Galaxy SmartTag2; affected component/fu...

7CVSS6.5AI score0.00189EPSS
Exploits0References1
NVD
NVD
added 2024/07/09 9:15 p.m.30 views

CVE-2024-34722

In smpprocrand of smpact.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00251EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/09 8:11 p.m.17 views

CVE-2024-34722

In smpprocrand of smpact.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder