Lucene search
K

3858 matches found

NVD
NVD
added 2013/06/30 7:28 p.m.23 views

CVE-2013-4733

The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files...

7.8CVSS6.3AI score0.02242EPSS
Exploits0References5
NVD
NVD
added 2013/06/30 7:28 p.m.23 views

CVE-2013-4734

dasdecmkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors...

7.5CVSS6.5AI score0.01376EPSS
Exploits0References5
NVD
NVD
added 2013/06/30 7:28 p.m.24 views

CVE-2013-0137

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session...

10CVSS6.5AI score0.13446EPSS
Exploits0References6
Prion
Prion
added 2013/06/30 7:28 p.m.18 views

Default credentials

The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network...

10CVSS7.3AI score0.04786EPSS
Exploits0References5Affected Software2
Prion
Prion
added 2013/06/30 7:28 p.m.15 views

Code injection

The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU662676...

10CVSS7.2AI score0.03041EPSS
Exploits0References5Affected Software2
Prion
Prion
added 2013/06/30 7:28 p.m.23 views

Default configuration

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session...

10CVSS7AI score0.13446EPSS
Exploits0References6Affected Software2
Prion
Prion
added 2013/06/30 7:28 p.m.18 views

Design/Logic Flaw

dasdecmkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors...

7.5CVSS7AI score0.01376EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2013/06/29 9:0 p.m.50 views

CVE-2013-4732

CVE-2013-4732 affects Digital Alert Systems DASDEC EAS device (versions 2.0-2) and Monroe Electronics R189 One-Net EAS device (versions 2.0-2). The issue is predictable session ID values in the administrative web server, enabling potential session hijacking by sniffing the network. Public documen...

10CVSS6.9AI score0.03041EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2013/06/29 9:0 p.m.43 views

CVE-2013-4733

The CVE-2013-4733 entry affects the web server component of the Digital Alert Systems DASDEC EAS device and the Monroe Electronics R189 One-Net EAS device, both versions prior to 2.0-2. An attacker can remotely read log files to obtain sensitive configuration and status information, exposing conf...

7.8CVSS6.4AI score0.02242EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2013/06/29 9:0 p.m.58 views

CVE-2013-4735

The CVE-2013-4735 issue affects the Digital Alert Systems DASDEC EAS device prior to 2.0-2 and Monroe Electronics R189 One-Net EAS prior to 2.0-2, which have a default administrative password. The underlying risk is that an attacker could remotely obtain access over an IP network due to this defa...

10CVSS7AI score0.04786EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2013/06/29 9:0 p.m.24 views

CVE-2013-0137

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session...

9.2AI score0.13446EPSS
Exploits0References6
Cvelist
Cvelist
added 2013/06/29 9:0 p.m.27 views

CVE-2013-4733

The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files...

6.3AI score0.02242EPSS
Exploits0References5
Cvelist
Cvelist
added 2013/06/29 9:0 p.m.26 views

CVE-2013-4735

The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network...

6.8AI score0.04786EPSS
Exploits0References5
CISA
CISA
added 2013/06/26 12:0 a.m.11 views

Digital Alert Systems and Monroe Electronics EAS Firmware Security Advisory

Digital Alert Systems' DASDEC and Monroe Electronics' One-Net E189 Emergency Alert System EAS encoder/decoder ENDEC devices exposed a shared private root SSH key in publicly available firmware images. Additional information is also available in CERT Vulnerability Note VU662676. US-CERT recommends...

6.7AI score
Exploits0References4
Packet Storm
Packet Storm
added 2013/06/24 12:0 a.m.44 views

Sprite Software Android Race Condition

Subject: Race condition in Sprite Software's backup software, installed by OEM on LG Android devices. CVE ID: CVE-2013-3685 Initial disclosure: https://plus.google.com/110348415484169880343/posts/Me2yea2PgwE Source: https://github.com/CunningLogic/LGPwn Effect: Locally exploited vulnerability wit...

7AI score0.00373EPSS
Exploits2
ICS
ICS
added 2013/04/05 6:0 a.m.71 views

Monroe Electronics DASDEC Compromised Root SSH Key

OVERVIEW This advisory provides mitigation details for a vulnerability that impacts the Monroe Electronics DASDEC. Mike Davis, a researcher with IOActive, reported a compromised root SSH key vulnerability to CERT Coordination Center CERT/CC. This vulnerability is in Monroe Electronics DASDEC‑I an...

10CVSS9.5AI score0.13446EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2013/02/19 2:52 p.m.14 views

Samsung's new OS Tizen 2.0 source code released

The Tizen 2.0 source code and SDK has officially been released. Tizen is a Linux-based open-source software platform backed by Intel and Samsung Electronics, that is designed for smartphones, tablets, smart TVs and in-car systems and it's designed to run apps written using web technologies...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/02/11 8:53 p.m.5 views

DHS: Border Device Search Policy Does Not Violate Fourth Amendment

The Department of Homeland Security’s Office for Civil Rights and Civil Liberties CLCR has determined that the DHS’s warrantless, and often suspicion-less, search and seizure of electronics devices at U.S. borders does not violate the Fourth Amendment protection against unreasonable search or...

7.2AI score
Exploits0References6
Packet Storm
Packet Storm
added 2013/01/10 12:0 a.m.55 views

Samsung Kies 2.5.0.12114_1 Buffer Overflow

Advisory ID: HTB23136 Product: Samsung Kies Vendor: Samsung Electronics Vulnerable Versions: 2.5.0.121141 Tested Version: 2.5.0.121141 on Windows 7 SP1 and Internet Explorer 9.0 Vendor Notification: December 19, 2012 Vendor Patch: December 27, 2012 Public Disclosure: January 9, 2013 Vulnerability...

10CVSS1.1AI score0.1547EPSS
Exploits3
ThreatPost
ThreatPost
added 2012/11/04 10:56 p.m.27 views

More VMware ESX Source Code Posted Online

For the third time this year, VMware ESX source code has been posted online. A hacker known as Stun claiming to be affiliated with Anonymous tweeted a link to a torrent site hosting the stolen VMkernel source code. VMware director of platform security Iain Mulholland acknowledged the breach on...

0.2AI score
Exploits0References3
Rows per page
Query Builder