CVE-2025-59105

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

CVE-2025-59105 Unencrypted Flash Storage in dormakaba access manager

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

CVE-2025-59105

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

PT-2026-4755

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

EUVD-2019-7145

Malware in sbrugna...

CVE-2019-16398

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...

PT-2024-40628 · Git +1 · Krb5

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of Use-of-uninitialized-value. The crash state involves the k5 hashtab add and insert entry functions in the fuzz...

k5.co.kr Cross Site Scripting vulnerability OBB-3268992

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Lenovo K5 Pro phone has information leakage vulnerability

The Lenovo K5pro phone is an extremely low-priced mass model released in mid-October 2018 by Lenovo. The Lenovo K5 Pro phone has an information disclosure vulnerability that can be exploited by attackers to gain access to sensitive information...

CVE-2019-16398

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...

CVE-2019-16398

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...

Remote code execution

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...

CVE-2019-16398

CVE-2019-16398 affects Keeper K5 devices (versions 20.1.0.25 and 20.1.0.63). The described issue is remote code execution caused by inserting an SD card containing a file named zskj_script_run.sh that executes a reverse shell. The connected documents reiterate this vector without introducing addi...

CVE-2019-16398

On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution can occur by inserting an SD card containing a file named zskjscriptrun.sh that executes a reverse shell...

k5.co.kr Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-919771 Security Researcher Renzi Helped patch 6742 vulnerabilities Received 8 Coordinated Disclosure badges Received 36 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting k5.co.kr website and its user...

Fedora 25 : libmtp (2017-4c57da6642)

libmtp 1.1.13 ============= Christophe Vu-Brugier 1 : - added GoPro HERO5 Black Emeric Grange 2 : - added GoPro HERO5 Session - rename F5321 into XPeria X Compact Gaute Hope 2 : - add GoPro Hero+ - add mtp-detect for GoPro Hero+ Jerry Zhang 1 : - Update Google device strings, add PTP+ADB id Marcu...

Open Blog 1.2.1 Cross Site Request Forgery

Vulnerability ID: HTB22763 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinopenblog.html Product: Open blog Vendor: K5 Storitve http://www.open-blog.info/ Vulnerable Version: 1.2.1 Vendor Notification: 15 December 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...