EUVD-2014-4794

Malware in sbrugna...

MAL-2025-10890 Malicious code in @zalastax/nolb-chec (npm)

The package @zalastax/nolb-chec was found to contain malicious code...

Malicious code in @zalastax/nolb-chec (npm)

The package @zalastax/nolb-chec was found to contain malicious code...

CVE-2019-5081

CVE-2019-5081 affects WAGO PFC200/PFC100 iocheckd ("I/O-Check"). The vulnerability is a heap buffer overflow in the iocheckd service when processing input, caused by a lack of input validation, enabling an unauthenticated remote attacker to potentially execute arbitrary code. Affected firmware: P...

CVE-2019-5077

CVE-2019-5077 affects WAGO PFC200/PFC100 iocheckd (IOC-Check) Missing Authentication for Critical Function. A specially crafted unauthenticated packet can trigger a denial-of-service, causing the device to enter an error state and cease all network communications. Affected firmware: PFC200 03.01....

openSUSE Security Update : the Linux Kernel (openSUSE-2019-618) (Foreshadow)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-10853: A flaw was found in KVM in which certain instructions such as sgdt/sidt call segmentedwritestd doesn't propagate access correctly. As such, during userspa...

openSUSE Security Update : the Linux Kernel (openSUSE-2018-886) (Foreshadow)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-10853: A flaw was found in KVM in which certain instructions such as sgdt/sidt call segmentedwritestd doesn't propagate access correctly. As such, during userspa...

nc2865.eden5.netclusive.de XSS vulnerability

Open Bug Bounty ID: OBB-627668 Description| Value ---|--- Affected Website:| nc2865.eden5.netclusive.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Hardcoded credentials

CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server BOSS DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access...

CVE-2014-4875

CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server BOSS DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access...

CVE-2014-4875

CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server BOSS DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access...

CVE-2014-4875

CVE-2014-4875 : In Toshiba CHEC, the CreateBossCredentials.jar file in versions before 6.6 build 4014 and before 6.7 build 4329 contains a hard-coded AES key, enabling an attacker with access to bossinfo.pro to decrypt and obtain the BOSS DB2 credentials. The risk materializes as the potential di...

Toshiba CHEC Built-in Encryption Key Information Disclosure Vulnerability

Toshiba CHEC is a product of Toshiba Corporation. Toshiba CHEC has a security vulnerability due to the inclusion of a built-in encryption key in the CreateBossCredentials.jar file. This allows an attacker with access to bossinfo.pro to decrypt content, including BOSS database information, using t...

Toshiba CHEC contains a hard-coded cryptographic key

Overview Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key. Description CWE-321: Use of Hard-coded Cryptographic Key - CVE-2014-4875Toshiba CHEC, versions 6.6, 6.7, and possibly earlier, contain a hard-coded cryptographic key in the...