15 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix deinitialization of firmware resources Currently, in ath11kahbfwresourcesinit, the iommu domain mapping is performed only for chipsets that have a fixed firmware memory. For such chipsets, the mapping is only...
CVE-2022-42953
Certain ZKTeco products ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210. The...
CVE-2025-47416 ConsoleFindCommandMatchList
A vulnerability exists in the ConsoleFindCommandMatchList function in libsymproc. so imported by ctpd that may lead to unauthorized execution of an attacker-defined file that gets prioritized by the ConsoleFindCommandMatchList. A third-party researcher discovered that the...
Exploit for CVE-2024-44610
CVE-2024-44610: PEAK PCAN-Ethernet Gateway FD DR Authenticated...
WyreStorm Apollo VX20 Account Enumeration
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20ACCOUNTENUMERATIONCVE-2024-25734.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability Type...
Multiple vulnerabilities in Contec FLEXLAN FX3000 and FX2000 series
Overview FLEXLAN FX3000 and FX2000 series provided by Contec Co., Ltd. contain multiple vulnerabilities listed below. Hidden Functionality CWE-912 - CVE-2022-36158 Use of Hard-coded Credentials CWE-798 - CVE-2022-36159 Thomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these...
Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal Exploit Author: numan türle Vendor Homepage: https://www.zyxel.com/ Software Link:...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Datapower Gateways (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Datapower Gateways. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...
Axis Communications MPQT/PACS Heap Overflow / Information Leakage Vulnerabilities
Axis Communications MPQT/PACS suffers from heap overflow and information leakage vulnerabilities. STX Subject: Axis Communications MPQT/PACS Heap Overflow and Information Leakage. Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis August 2017 PoC:...
Ubiquity Nanostation5 (Air OS) 0day Remote Command Execution
No description provided by source. Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote Command Execution Date: 01 07 2010 Author: Emanuele 'emgent' Gentili Software Link: N/A Version: AirOS all firmwares CVE : N/A + Vulnerability Descrition With not privileged account, like read-only, an...
Lorex LNC116 / LNC104 IP Camera Authentication Bypass Vulnerability
Lorex LNC116 and LNC104 IP cameras only perform basic authentication on the main login page. If you perform direct browsing to any other interface, you are not forcibly authenticated. Product: Lorex LNC116 and LNC104 IP Cameras Vendor: LOREX Technology Inc. Vulnerability Type: Authentication Bypa...
Lorex LNC116 / LNC104 IP Camera Authentication Bypass
Product: Lorex LNC116 and LNC104 IP Cameras Vendor: LOREX Technology Inc. Vulnerability Type: Authentication Bypass Vulnerable Firmware Versions: 030312 and earlier Tested Firmware Version: 030312 Fixed Firmware Version: 030405 Solution Status: Fixed by Vendor Vendor Notification: December 22, 20...
Ubiquity Nanostation5 (Air OS) 0day Remote Command Execution
Exploit for hardware platform in category web applications ============================================================ Ubiquity Nanostation5 Air OS 0day Remote Command Execution ============================================================ Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote...
Ubiquity Nanostation5 (Air OS) - Remote Command Execution
Ubiquity Nanostation5 Air OS - Remote Command Execution Exploit Title: Ubiquity Nanostation5 Air OS 0day Remote Command Execution Date: 01 07 2010 Author: Emanuele 'emgent' Gentili Software Link: N/A Version: AirOS all firmwares CVE : N/A + Vulnerability Descrition With not privileged account, li...
XMicro.backdoor2.txt
Backdoor in the X-Micro WLAN 11b Broadband Router ALL VERSIONS ARE AFFECTED 1.6.0.1 too Previous bugreport's bugtraq id: 10095 FCC ID: RAFXWL-11BRRG Firmware Version: 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, 1.6.0.1 Remote: yes, easily expoitable Type: administration password, which always works The...