14 matches found
EUVD-2014-4794
Malware in sbrugna...
Malicious code in @zalastax/nolb-chec (npm)
The package @zalastax/nolb-chec was found to contain malicious code...
MAL-2025-10890 Malicious code in @zalastax/nolb-chec (npm)
The package @zalastax/nolb-chec was found to contain malicious code...
CVE-2019-5081
CVE-2019-5081 affects WAGO PFC200/PFC100 iocheckd ("I/O-Check"). The vulnerability is a heap buffer overflow in the iocheckd service when processing input, caused by a lack of input validation, enabling an unauthenticated remote attacker to potentially execute arbitrary code. Affected firmware: P...
CVE-2019-5077
CVE-2019-5077 affects WAGO PFC200/PFC100 iocheckd (IOC-Check) Missing Authentication for Critical Function. A specially crafted unauthenticated packet can trigger a denial-of-service, causing the device to enter an error state and cease all network communications. Affected firmware: PFC200 03.01....
openSUSE Security Update : the Linux Kernel (openSUSE-2019-618) (Foreshadow)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-10853: A flaw was found in KVM in which certain instructions such as sgdt/sidt call segmentedwritestd doesn't propagate access correctly. As such, during userspa...
openSUSE Security Update : the Linux Kernel (openSUSE-2018-886) (Foreshadow)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-10853: A flaw was found in KVM in which certain instructions such as sgdt/sidt call segmentedwritestd doesn't propagate access correctly. As such, during userspa...
nc2865.eden5.netclusive.de XSS vulnerability
Open Bug Bounty ID: OBB-627668 Description| Value ---|--- Affected Website:| nc2865.eden5.netclusive.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Hardcoded credentials
CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server BOSS DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access...
CVE-2014-4875
CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server BOSS DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access...
CVE-2014-4875
CVE-2014-4875 : In Toshiba CHEC, the CreateBossCredentials.jar file in versions before 6.6 build 4014 and before 6.7 build 4329 contains a hard-coded AES key, enabling an attacker with access to bossinfo.pro to decrypt and obtain the BOSS DB2 credentials. The risk materializes as the potential di...
CVE-2014-4875
CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server BOSS DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access...
Toshiba CHEC Built-in Encryption Key Information Disclosure Vulnerability
Toshiba CHEC is a product of Toshiba Corporation. Toshiba CHEC has a security vulnerability due to the inclusion of a built-in encryption key in the CreateBossCredentials.jar file. This allows an attacker with access to bossinfo.pro to decrypt content, including BOSS database information, using t...
Toshiba CHEC contains a hard-coded cryptographic key
Overview Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key. Description CWE-321: Use of Hard-coded Cryptographic Key - CVE-2014-4875Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key in the...