13 matches found
EUVD-2024-46320
Malicious code in bioql PyPI...
EUVD-2022-42443
Malicious code in bioql PyPI...
CVE-2021-3793
An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified...
CVE-2019-8900
A vulnerability in the SecureROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. This vulnerability allows arbitrary code to be executed on the device. Exploiting the vulnerability requires physical access to the...
CVE-2019-8900
CVE-2019-8900 concerns a SecureROM vulnerability in some Apple devices that allows an unauthenticated local attacker to execute arbitrary code on boot. Exploitation requires physical access: device must be connected to a computer and booted in DFU mode; the change is not persistent across reboots...
CVE-2019-8900
A vulnerability in the SecureROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. This vulnerability allows arbitrary code to be executed on the device. Exploiting the vulnerability requires physical access to the...
PT-2025-7272 · Apple · Device
Name of the Vulnerable Software and Affected Versions: Apple devices (affected versions not specified). Description: A security issue in the SecureROM of certain Apple devices allows an unauthenticated local attacker to execute arbitrary code on the device upon booting. This requires physical access...
Exploit for CVE-2024-44610
CVE-2024-44610: PEAK PCAN-Ethernet Gateway FD DR Authenticated...
CVE-2022-3007 Unauthorized Access Vulnerability in Syska SW100 Smartwatch
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update (DFU), which is used for performing Over-The-Air (OTA) firmware updates on the Bluetooth Low Energy (BLE) devices. An unauthenticated attacker could exploit this...
CVE-2023-33768
Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmware file...
PT-2022-24914 · Microsoft · Azure Rtos Usbx
Name of the Vulnerable Software and Affected Versions: Azure RTOS USBX versions prior to 6.1.12. Description: The USB DFU UPLOAD functionality in Azure RTOS USBX may be utilized to introduce a buffer overflow, resulting in the overwrite of memory contents. In particular cases, this may allow an...
Improper access control
An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified...
CVE-2020-10019
USB DFU has a potential buffer overflow where the requested length (wLength) is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002. This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version...