36 matches found
Vulnerabilities fixed in Hanwha camera systems
Hanwha has fixed vulnerabilities in several camera systems, including issues with XML validation, certificate validation, permissions management for guest accounts, video analytics and hard-coded encryption key. The vulnerabilities include an issue with the validation of incoming XML requests,...
EUVD-2016-3393
Malware in sbrugna...
internalblue
This is an offensive tool for Bluetooth experimentation and patching firmware. It is a Bluetooth experimentation framework for Broadcom and Cypress chips, which enables various features that would otherwise only be possible with a full-stack software-defined radio implementation, such as injectin...
GHSA-VHGQ-R8GX-5FPV Ibexa Admin UI assets XSS vulnerabilities in back office
Impact This security advisory is a part of IBEXA-SA-2025-003, which resolves XSS vulnerabilities in several parts of the back office of Ibexa DXP. Back office access and varying levels of editing and management permissions are required to exploit these vulnerabilities. This typically means Editor...
CVE-2023-43742
An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an unauthenticated attacker to obtain an administrative session via a protection mechanism failure in the authentication function...
QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices
QNAP, Taiwanese maker of network-attached storage NAS devices, on Friday released security updates to patch nine security weaknesses, including a critical issue that could be exploited to take over an affected system. "A vulnerability has been reported to affect QNAP VS Series NVR running QVR,"...
How MikroTik Routers Became a Cybercriminal Target
The routers leveraged by the Mēris botnet in a massive distributed denial-of-service DDoS attack against Russia’s internet giant Yandex have also been the unwitting platform for numerous cyberattacks, researchers have found. This is due to a persistent vulnerable state that’s difficult for...
CVE-2021-1562
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands that a user can...
Input validation
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands that a user can...
CVE-2021-1562 Cisco BroadWorks Application Server Information Disclosure Vulnerability
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands that a user can...
CVE-2021-1562 Cisco BroadWorks Application Server Information Disclosure Vulnerability
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands that a user can...
Cisco BroadWorks Application Server Information Disclosure Vulnerability
A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. This vulnerability is due to improper input validation and authorization of specific commands that a user can...
SonicWall Releases Additional Patches
SonicWall has released firmware patches for SMA 100 series products in an update to its previous alert from February 3, 2021. A remote attacker could exploit a vulnerability in versions of SMA 10 prior to 10.2.0.5-29sv to take control of an affected system. CISA encourages users and administrator...
Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecu...
Security update for kernel-firmware (moderate)
openSUSE Security Update: Security update for kernel-firmware Announcement ID: openSUSE-SU-2019:1770-1 Rating: moderate References: 1136334 1136498 1139383 Cross-References: CVE-2019-9836 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has two...
The Patching Problem: Best Practices for Maintaining Up-to-Date Systems
"Update ready to be installed." IT teams and business stakeholders are probably familiar with this notification, or something like it. After all, software updates are nothing new: Whenever a vendor makes improvements or includes new capabilities on a previously-released platform, it comes with a...
Intel Admits It Won't Be Possible to Fix Spectre (V2) Flaw in Some Processors
As speculated by the researcher who disclosed Meltdown and Spectre flaws in Intel processors, some of the Intel processors will not receive patches for the Spectre variant 2 side-channel analysis attack In a recent microcode revision guidance PDF, Intel admits that it would not be possible to...
AMD Acknowledges Newly Disclosed Flaws In Its Processors — Patches Coming Soon
AMD has finally acknowledged 13 critical vulnerabilities, and exploitable backdoors in its Ryzen and EPYC processors disclosed earlier this month by Israel-based CTS Labs and promised to roll out firmware patches for millions of affected devices 'in the coming weeks.' According to CTS-Labs...
AMD Acknowledges Vulnerabilities, Will Roll Out Patches In Coming Week
AMD on Tuesday acknowledged several vulnerabilities that had been previously reported in its Ryzen and EPYC chips, and said that it would roll out firmware patches for those flaws in the coming weeks. The response comes a week after Israel-based CTS-Labs said that it has discovered 13 critical...
Security Camera Found Riddled With Bugs
CANCUN, Mexico – Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs. Flaws range from the use of an...