CVE-2023-28810

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network...

ROZCOM client 信任管理问题漏洞

ROZCOM client is an intercom system from ROZCOM. A security vulnerability exists in ROZCOM client that stems from the use of hard-coded credentials...

Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom

More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network...

intercom-kurz.com Cross Site Scripting vulnerability OBB-3106560

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AIPHONE GT-DB-VN和AIPHONE GT-DMB 安全漏洞

AIPHONE GT-DB-VN and AIPHONE GT-DMB are both products of AIPHONE CORPORATION Japan.AIPHONE GT-DB-VN is an audio module with NFC reader. For use with the GT Series Multi-Tenant Security Intercom, a multi-tenant video entry system.AIPHONE GT-DMB is a 3-in-1 video entry station with NFC reader for t...

Malicious Package

Overview intercom-ui-ng2 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...

MAL-2022-3863 Malicious code in intercom-react-native-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1fcd283f1ce396af81c959bb56b8fd32a56f22617596e78bebdaf08d500a1b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in io.intercom.cordova.sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95d3158818ec3050c42c802391d0519c3f8d1e0120cd4908bcfb6690f3cccf54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in intercom-react-native.podspec (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7abac0d25d94aaefe28f345fed96e1b39bc48cf2a461e080bc7932439219bfd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3864 Malicious code in intercom-react-native.podspec (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7abac0d25d94aaefe28f345fed96e1b39bc48cf2a461e080bc7932439219bfd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

intercom-kurz.com Cross Site Scripting vulnerability OBB-2510394

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploit for Improper Authentication in Dahuasecurity Ipc-Hum7Xxx_Firmware

DahuaLoginBypass Chrome extension that uses vulnerability CVE...

Zenitel AlphaCom XE Audio Server 代码问题漏洞

Zenitel AlphaCom XE Audio Server is a hybrid intercom system from Zenitel Norway. The system supports all VINGTOR-STENTOFON IP and analog intercom stations. A security vulnerability exists in Zenitel AlphaCom XE Audio Server that allows remote shell uploads...

chatwoot has an unspecified vulnerability

chatwoot is an application. Customer Engagement Suite, an open source alternative to intercom, Zendesk, Salesforce Service Cloud, etc. chatwoot suffers from a security vulnerability that stems from chatwoot's vulnerability to the complexity of inefficient regular expressions. No details of the...

Weak password vulnerability in group intercom service configuration platform of Hangzhou Hikvision System Technology Co.

Hangzhou Hikvision System Technology Co., Ltd. is a video-centered intelligent IOT solution provider and operation service provider. A weak password vulnerability exists in the Group Intercom Service Configuration Platform of Hangzhou Hikvision System Technology Company Limited, which can be...

Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner

Sub-domain takeover vulnerability occur when a sub-domain subdomain.example.com is pointing to a service e.g: GitHub , AWS/S3 ,.. that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if...

WordPress Intercom Plugin Information Disclosure Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Intercom is an online chat plugin used in it. An information disclosure vulnerability exists in the WordPress Intercom plugin. An...

CVE-2019-14365

The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...

CVE-2019-14365

The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...

Code injection

The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...