83 matches found
EUVD-2024-41385
Malicious code in bioql PyPI...
EUVD-2024-54934
Malicious code in bioql PyPI...
EUVD-2023-40312
Malicious code in bioql PyPI...
EUVD-2024-41384
Malicious code in bioql PyPI...
CVE-2024-46917
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity validation. This allows code execution, recovery of TPM Disk Encryption keys, decryption of the Windows system partition, and full control of the Windows OS, e.g.,...
CVE-2024-46916
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file. This can allow code execution and, ...
Diebold Nixdorf Vynamic Security Suite 安全漏洞
Diebold Nixdorf Vynamic Security Suite Diebold Nixdorf VSS is a security access suite from Diebold Nixdorf, USA. A security vulnerability exists in Diebold Nixdorf Vynamic Security Suite Diebold Nixdorf VSS version 4.3.0 SR06 and prior versions, which stems from improper deletion of critical syst...
Diebold Nixdorf Vynamic Security Suite 安全漏洞
Diebold Nixdorf Vynamic Security Suite Diebold Nixdorf VSS is a security access suite from Diebold Nixdorf, USA. A security vulnerability exists in Diebold Nixdorf Vynamic Security Suite version 4.3.0 SR01 and prior versions, which stems from insufficient validation of file attributes and could...
CVE-2024-46916
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file. This can allow code execution and, ...
CVE-2023-40261
Diebold Nixdorf Vynamic Security Suite VSS before 3.3.0 SR17, 4.0.0 SR07, 4.1.0 SR04, 4.2.0 SR04, and 4.3.0 SR02 fails to validate file attributes during the Pre-Boot Authorization PBA process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's har...
CVE-2023-36344
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature...
CVE-2023-24064
Diebold Nixdorf Vynamic Security Suite VSS before 3.3.0 SR4 fails to validate /etc/initab during the Pre-Boot Authorization PBA process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk...
CVE-2023-33206
Diebold Nixdorf Vynamic Security Suite VSS before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0 SR03, and 4.3.0 SR01 fails to validate symlinks during the Pre-Boot Authorization PBA process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk...
CVE-2024-45246
Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element...
CVE-2024-45246 Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element
Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element...
CVE-2024-45246
CVE-2024-45246 concerns Diebold Nixdorf Vynamic View Console with an Uncontrolled Search Path Element (CWE-427). Public sources indicate affected versions are prior to 5.9.5 (CNNVD) and that the issue could enable arbitrary code execution and privilege escalation. The CNNVD description additional...
CVE-2024-45246 Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element
Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element...
CVE-2024-45245
Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor...
CVE-2024-45245 Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor...
CVE-2024-45245
Diebold Nixdorf Vynamic View Console is affected (CWE-200: Exposure of Sensitive Information to an Unauthorized Actor) with versions up to 5.9.4, requiring local access for exploitation. The issue entails disclosure of sensitive information to unauthorized users. Mitigation is to upgrade to 5.9.5...