22 matches found
EUVD-2020-8063
Malware in sbrugna...
EUVD-2023-37391
Malicious code in bioql PyPI...
CVE-2024-29941
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...
CVE-2023-33221
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...
CVE-2020-16097
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
CVE-2024-29941
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...
CVE-2024-29941 Credential Cloning
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...
CVE-2024-29941
CVE-2024-29941 describes insecure storage of ICT MIFARE and DESFire encryption keys in the firmware binary, enabling credential cloning by creating credentials for any site code and card number that uses the default ICT encryption. The Red Hat/NVD entries corroborate that the issue arises from st...
ICT MIFARE DESFire 安全漏洞
ICT MIFARE DESFire is an advanced encryption technology from ICT. A security vulnerability exists in ICT MIFARE DESFire that stems from insecure storage of encryption keys and a binary file that allows malicious actors to create credentials for any site code and card number using default values...
PT-2024-23162 · Ict · Ict
Name of the Vulnerable Software and Affected Versions: ICT affected versions not specified Description: Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default I...
CVE-2023-33221
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...
Heap overflow
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...
CVE-2023-33221 Heap Buffer Overflow when reading DESFire card
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...
CVE-2023-33221
The CVE-2023-33221 issue is a boundary-check flaw in the DesFire card reading function that copies internal data, causing a heap-based buffer overflow and potential remote code execution. Reported across multiple sources (e.g., PT-Security; Red Hat; NVD), it specifically notes risk when the Defau...
PT-2023-24231 · Desfire · Desfire
Name of the Vulnerable Software and Affected Versions: DesFire affected versions not specified Description: The function that reads the card isn't properly checking the boundaries when copying internally the data received, allowing a heap-based buffer overflow. This could lead to a potential Remo...
WordPress Plugin SIGMA Lite & Lite+ Buffer Error Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
CVE-2020-16097
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
CVE-2020-16097
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
Design/Logic Flaw
On controllers running versions of v8.20 prior to vCR8.20.200221b distributed in v8.20.1093MR2, v8.10 prior to vGR8.10.179 distributed in v8.10.1211MR5, v8.00 prior to vGR8.00.165 Distributed in v8.00.1228MR6, v7.90 prior to vGR7.90.165 distributed in v7.90.1038MRX, v7.80 or earlier, It is possib...
CVE-2020-16097
CVE-2020-16097 affects Gallagher controllers running multiple legacy v8.x/v7.x releases (v8.20 pre-CR8.20.200221b, v8.10 pre-vGR8.10.179, v8.00 pre-vGR8.00.165, v7.90 pre-vGR7.90.165, v7.80 or earlier). The issue enables retrieval of site keys used to secure MIFARE Plus and Desfire via debug port...