12 matches found
CVE-2026-5115
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
CVE-2026-5115
The CVE-2026-5115 entry concerns PaperCut NG/MF’s embedded Konica Minolta interface. The embedded app communicates with the server over an insecure channel, which could leak data including sensitive information and enable session hijacking. Affected product: PaperCut MF embedded app for Konica Mi...
CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
PT-2026-29170
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
EUVD-2020-7510
Malware in sbrugna...
The vulnerability of the SLNX PC Client of the embedded application and document management tool RICOH Streamline NX allows a perpetrator to re-record any files.
The vulnerability of the SLNX PC Client of the embedded application and document management tool RICOH Streamline NX relates to improper external manipulation of file names or file paths. Exploiting this vulnerability allows a malicious actor to re-record arbitrary files...
The vulnerability of the SLNX PC Client of the embedded application and document management tool RICOH Streamline NX allows a perpetrator to execute arbitrary code.
The vulnerability of the SLNX PC Client of the embedded application and document management tool RICOH Streamline NX lies in the deletion of files due to incorrect path restrictions for access to restricted directories. Exploiting this vulnerability allows an attacker to execute arbitrary code...
[SECURITY] Fedora 41 Update: mbedtls-2.28.9-1.fc41
Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their embedded applications with as little hassle as possible...
PSF-2020-4 Py_SetPath(): _Py_CheckPython3 uses uninitialized DLL path
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading...
Security Bulletin: Vulnerability in RC4 stream cipher affects OpenPages GRC Platform with Application Server (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects OpenPages GRC Platform with Application Server. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An...
CVE-2017-5217
Installing a zero-permission Android application on certain Samsung Android devices with KK4.4, L5.0/5.1, and M6.0 software can continually crash the systemserver process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded withi...
SoftMaker Office 201x Privilege Escalation
Hi @ll, the service pack installers for SoftMaker Office 201x, available from , are surprise.- vulnerable. The executable installer OUCH ofw16763.exe, a 7z SFX OUCH, creates an UNPROTECTED directory "%TEMP%\7zSxxxxxxxx" to extract its payload, then executes "%TEMP%\7zSxxxxxxxx\spsetup.exe"...