355 matches found
CVE-2025-59105
With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...
CVE-2025-59103
The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...
CVE-2025-59105
With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...
CVE-2025-59105 Unencrypted Flash Storage in dormakaba access manager
With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...
PT-2026-4755
With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000796)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000796 advisory. The restorefpuchecking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002291)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002291 advisory. The restorefpuchecking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending...
CVE-2019-16897
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll...
CVE-2019-16896
In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll aka the backup module improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality...
CVE-2025-67826
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...
CVE-2025-67826
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...
CVE-2025-67826
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...
CVE-2025-67826
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...
PT-2025-52652
Name of the Vulnerable Software and Affected Versions K7 Ultimate Security version 17.0.2045 Description A local privilege escalation issue exists in K7 Ultimate Security antivirus. A local unprivileged user on default installations can exploit insecure access to a named pipe to modify any regist...
CVE-2025-67826
The CVE-2025-67826 entry concerns K7 Ultimate Security 17.0.2045, where a Local Privilege Escalation exists in the antivirus. The underlying issue is insecure access to a named pipe that allows a local unprivileged user to edit any registry key, enabling a full SYSTEM compromise. This is a local,...
CVE-2025-67826
An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...
EUVD-2017-7750
Malware in sbrugna...
EUVD-2017-7748
Malware in sbrugna...
EUVD-2019-7394
Malware in sbrugna...
EUVD-2019-7395
Malware in sbrugna...