Lucene search
K

169 matches found

HackRead
HackRead
added 2019/04/30 3:30 p.m.22 views

Sensitive data of 80 million US households exposed online

By Uzair Amir The 24 GB database was hosted on a Microsoft cloud server. Another day, another data breach; this time researchers have discovered an unprotected cloud repository containing personal and financial information of more than 80 million US households. This incident reminds us of two...

0.8AI score
Exploits0
Prion
Prion
added 2018/10/10 3:29 p.m.30 views

Default credentials

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams...

6.4CVSS7.2AI score0.00987EPSS
Exploits2References1
NVD
NVD
added 2018/10/10 3:29 p.m.17 views

CVE-2018-17919

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams...

6.5CVSS7.2AI score0.00987EPSS
Exploits2References1
Prion
Prion
added 2018/10/10 3:29 p.m.18 views

Code injection

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps...

5CVSS6.3AI score0.01251EPSS
Exploits2References1
NVD
NVD
added 2018/10/10 3:29 p.m.16 views

CVE-2018-17917

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps...

5.3CVSS6.3AI score0.01251EPSS
Exploits2References1
NVD
NVD
added 2018/10/10 3:29 p.m.21 views

CVE-2018-17915

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the upda...

9.8CVSS9.4AI score0.01086EPSS
Exploits4References1
Cvelist
Cvelist
added 2018/10/10 3:0 p.m.31 views

CVE-2018-17915

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the upda...

9.4AI score0.01086EPSS
Exploits4References1
Cvelist
Cvelist
added 2018/10/10 3:0 p.m.18 views

CVE-2018-17917

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps...

5.3AI score0.01251EPSS
Exploits2References1
CVE
CVE
added 2018/10/10 3:0 p.m.258 views

CVE-2018-17915

CVE-2018-17915 affects Hangzhou Xiongmai XMeye P2P Cloud products (IP cameras, NVRs/DVRs). SEC Consult reports describe a remote code execution/integrity issue in XMeye P2P Cloud, with vulnerable implementations that lack proper protection during update/communication, enabling an attacker to pote...

9.8CVSS9.3AI score0.01086EPSS
Exploits4References1Affected Software1
CVE
CVE
added 2018/10/10 3:0 p.m.133 views

CVE-2018-17917

CVE-2018-17917 affects Hangzhou Xiongmai XMeye P2P Cloud Server. The vulnerability allows an attacker to enumerate potential Cloud IDs by using MAC addresses, enabling discovery of valid devices and connection via supported XMeye apps. Root cause described across sources is predictable/derivable ...

5.3CVSS7AI score0.01251EPSS
Exploits2References1Affected Software1
ICS
ICS
added 2018/10/09 12:0 a.m.1503 views

Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit/information related to these vulnerabilities is publicly available Vendor: Hangzhou Xiongmai Technology Co., Ltd Equipment: XMeye P2P Cloud Server Vulnerabilities: Predictable From Observable State, Hidden...

9.8CVSS7.1AI score0.01251EPSS
Exploits4References5
Lenovo
Lenovo
added 2018/08/16 2:27 p.m.665 views

L1 Terminal Fault Side Channel Vulnerabilities - US

Lenovo Security Advisory: LEN-24163 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory, circumventing expected privilege levels Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 Summary...

5.4CVSS1.2AI score0.08101EPSS
Exploits0
Lenovo
Lenovo
added 2018/08/16 2:27 p.m.53 views

L1 Terminal Fault Side Channel Vulnerabilities - Lenovo Support US

No description provided...

7.3CVSS6.7AI score0.08101EPSS
Exploits0
Prion
Prion
added 2018/03/13 5:29 p.m.14 views

Denial of service

Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams...

5CVSS7.5AI score0.01066EPSS
Exploits0References1
CVE
CVE
added 2018/03/13 5:0 p.m.43 views

CVE-2018-6302

Hanwha Techwin SmartCam is affected by CVE-2018-6302, a cloud-server DoS vulnerability tied to the SmartCam cloud architecture (XMPP-based Jabber server). The issue enables an attacker to block new camera registrations on the cloud, potentially compromising the registration/operation of cameras a...

7.5CVSS7.5AI score0.01066EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/13 5:0 p.m.17 views

CVE-2018-6302

Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams...

7.5AI score0.01066EPSS
Exploits0References1
HackRead
HackRead
added 2018/02/21 12:33 a.m.54 views

Hackers Compromise Tesla Cloud Server to Mine Cryptocurrency

By Waqas It is 2018 and the easiest way to make quick This is a post from HackRead.com Read the original post: Hackers Compromise Tesla Cloud Server to Mine Cryptocurrency...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/10/23 1:0 a.m.31 views

CVE-2017-7147

An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is affected. The issue involves the "Analytics" component. It allows remote attackers to obtain sensitive analytics information by leveraging its presence in a cleartext HTTP transmission to an Adobe...

4.2AI score0.00918EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2017/09/22 5:33 a.m.24 views

Passwords For 540,000 Car Tracking Devices Leaked Online

Another day, another news about a data breach, though this is something disconcerting. Login credentials of more than half a million records belonging to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal data and vehicle details of drivers and...

6.5AI score
Exploits0
0day.today
0day.today
added 2017/09/13 12:0 a.m.29 views

inClick Cloud Server 5.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: inClick Cloud Server 5.0 - SQL Injection Dork: N/A Date: 12.09.2017 Vendor Homepage: http://www.inclick.net/ Software Link: http://www.inclick.net/pageid/demo.html Demo: http://www.inclick.net/pageid/demo.html Version: 5.0...

7.4AI score
Exploits0
Rows per page
Query Builder