17 matches found
EUVD-2021-24844
Malware in sbrugna...
EUVD-2023-23770
Malicious code in bioql PyPI...
CVE-2023-1526
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer...
Information disclosure
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer...
CVE-2023-1526
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer...
CVE-2023-1526
CVE-2023-1526 affects HP DesignJet and PageWide XL printers (TAA compliant). The vulnerability is an information disclosure risk if the hard disk drive is physically removed from the printer. The issue is tied to potentially exposed confidential data due to removable HDDs, with a documented impac...
Certain DesignJet and PageWide XL products - Potential information disclosure
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer. HP has provided firmware updates to resolve the issue for the potentially affected products listed in the table below...
CVE-2021-38392
A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world...
CVE-2021-38400
An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password...
CVE-2021-38400
CVE-2021-38400 affects Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor (PRM) Model 3120. Vulnerability: password hash stored/used with insufficient computational effort, allowing a physically proximate attacker with access to remove the device’s hard drive or craft a USB to extract th...
CVE-2021-38392 Improper Access Control for Boston Scientific Zoom Latitude
A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world...
Backup Key Recovery 2.2.5 Denial Of Service
Exploit Title: Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/backeyrecoverysetup.exe Tested on OS...
Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - Key Denial of Service (PoC)
Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - Key Denial of Service PoC Exploit Title: Backup Key Recovery Recover Keys Crashed Hard Disk Drive 2.2.5 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage :...
VHD Driver Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Virtual Hard Disk Drive fails to properly handle user access to certain files. An attacker who successfully exploited the vulnerability could manipulate files in locations not intended to be available to the user. To exploit the...
Academics Devise New Way to Steal Data from Air-Gapped Computers
Stealing data from air-gapped computers is one of the great exercises in computer security: advanced attackers covet what’s stored on these isolated machines, while researchers try to figure out the novel ways adversaries could jump those gaps. The latest effort doesn’t involve USBs, heat,...
HDL-A and HDL2-A Series vulnerable in session management
Overview HDL-A and HDL2-A Series provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. HDL-A and HDL2-A Series contain a vulnerability related to the management of sessions. Kazuki Hirota of Keio University Keiji Takeda Research Group reported this vulnerability to IPA. JPCERT/C...
I-O DATA DEVICE HDL-F series cross-site request forgery vulnerability
Overview The HDL-F series products from I-O DATA DEVICE, INC. are LAN connectable hard disk drives. The web interface for administration in the products contains a cross-site request forgery vulnerability. The HDL-F series products provided by I-O DATA DEVICE, INC. are LAN connectable hard disk...