12 matches found
EUVD-2020-19579
Malware in sbrugna...
EUVD-2025-27020
Malicious code in bioql PyPI...
EUVD-2025-27023
Malicious code in bioql PyPI...
CVE-2025-30198
CVE-2025-30198 affects ECOVACS robot vacuums and base stations. Root causes: insecure Wi‑Fi using a deterministic WPA2-PSK that can be derived from device serial numbers; base stations do not validate firmware updates, enabling potential malicious OTA updates; AES encryption key similarly derivab...
CVE-2025-30198 ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30200 ECOVACS Vacuum and Base Station Hard-Coded AES Encryption
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...
Unspecified Vulnerability in D-Link DSL6740C
The D-Link DSL6740C is a wireless router developed by D-link. The D-Link DSL6740C suffers from a security vulnerability that stems from the use of an insecure default wifi password, which can be exploited by an attacker to gain unauthorized access to the system...
Design/Logic Flaw
In createConnectToAvailableNetworkNotification of ConnectToNetworkNotificationBuilder.java, there is a possible connection to untrusted WiFi networks due to notification interaction above the lockscreen. This could lead to local escalation of privilege with no additional execution privileges...
CVE-2020-27055
In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. Use...
Input validation
In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. Use...
CVE-2020-27055
In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. Use...
DroidSheep Android App Hijacks Sessions in One Click, Developer Meant Well
Following the success of the Firesheep application, a new Android application called DroidSheep allows users to hijack Web sessions of popular online services over insecure Wifi connections. DroidSheep enables Android-based man in the middle attacks against a wide range of Web sites, including...