69 matches found
EUVD-2020-26731
Malware in sbrugna...
EUVD-2022-32831
Malicious code in bioql PyPI...
EUVD-2024-16968
Malicious code in bioql PyPI...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28382
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to the use of an insecure encryption AES mode Electronic Codebook, aka ECB, an attacker may be able to extract information even from encrypted data, for example by observing repeating byte patterns. The firmware of the...
CVE-2022-28386
An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout e.g., requiring a reformat of the drive after 20 failed unlock attempts does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number...
CVE-2020-5569
An unquoted search path vulnerability exists in HDD Password tool for Windows version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TBHD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS, CANVIO PREMIUM 2TBHD-MB20TY, HD-MA20TY, HD-MB20TS, HD-MA20TS, CANVIO PREMIUM 1TBHD-MB10TY, HD-MA10TY,...
Siemens InsydeH2O Plaintext Storage of a Password (CVE-2021-38489)
An issue was discovered in the the HddPasswordPei driver of the Insyde InsydeH2O 5.x. HDD password is stored in plaintext. This plugin only works with Tenable.ot Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc';...
CVE-2024-44972
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
PT-2024-3508 · Huawei · Huawei Matebook D16
Name of the Vulnerable Software and Affected Versions: Huawei Matebook D16 version CREM-WXX9, BIOS v2.26 Description: The issue is related to a memory corruption in the SMI Handler of the HddPassword SMM Module in the UEFI BIOS firmware. This can be exploited by a malicious OS attacker to corrupt...
CVE-2024-1201
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation...
Privilege escalation
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation...
CVE-2024-1201 PanteraSoft HDD Health search path or unquoted item vulnerability
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation...
CVE-2024-1201 PanteraSoft HDD Health search path or unquoted item vulnerability
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation...
CVE-2024-1201
The CVE is linked to PanteraSoft HDD Health 4.2.0.112 and earlier. Affected component: HDD Health executable handling with a search path/unquoted item scenario. Root cause: unquoted search path leading to privilege escalation when a local attacker can place a malicious executable in the unquoted ...
PanteraSoft HDD Health Code Issue Vulnerability
PanteraSoft HDD Health is a compact freeware from PanteraSoft. A code issue vulnerability exists in PanteraSoft HDD Health 4.2.0.112 and prior versions, which stems from the presence of a search path or unquoted item vulnerability that could allow a local attacker to store malicious executables...
KeePass vulnerability allows attackers to access the master password
KeePass is a free open source password manager, which helps you to manage your passwords and stores them in encrypted form. In fact, KeePass encrypts the whole database, i.e. not only your passwords, but also your user names, URLs, notes, etc. That encrypted database can only be opened with the...
HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path
Exploit Title: HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Date: 2022-10-19 Vendor Homepage: https://www.panterasoft.com Software Link: https://hdd-health.softonic.com Version : 4.2.0.112 Tested on: Windows 11 64bit CVE : N/A About Unquoted...
HDD Health 4.2.0.112 Unquoted Service Path
Exploit Title: HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Date: 2022-10-19 Vendor Homepage: https://www.panterasoft.com Software Link: https://hdd-health.softonic.com Version : 4.2.0.112 Tested on: Windows 11 64bit CVE : N/A About Unquoted...
HDD Health 4.2.0.112 - (HDDHealth) Unquoted Service Path Vulnerability
Exploit Title: HDD Health 4.2.0.112 - 'HDDHealth' Unquoted Service Path Exploit Author: Jorge Manuel Lozano Gómez Vendor Homepage: https://www.panterasoft.com Software Link: https://hdd-health.softonic.com Version : 4.2.0.112 Tested on: Windows 11 64bit CVE : N/A About Unquoted Service Path :...