26 matches found
EUVD-2024-16467
Malicious code in bioql PyPI...
EUVD-2024-16466
Malicious code in bioql PyPI...
EUVD-2024-16465
Malicious code in bioql PyPI...
CVE-2024-0674
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process...
CVE-2024-0676
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack...
CVE-2024-0675
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary...
CVE-2024-0674
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process...
CVE-2024-0676
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack...
Design/Logic Flaw
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack...
Privilege escalation
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process...
Input validation
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary...
CVE-2024-0676 Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack...
CVE-2024-0676 Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack...
CVE-2024-0676
Lamassu Bitcoin ATM Douro 7.1 is affected by a weak password requirement vulnerability. A local attacker can interact with the machine hosting the application, access stored hashes and perform a dictionary attack to crack short passwords (up to 4 characters). Affected component: the ATM software ...
CVE-2024-0675
Lamassu Bitcoin ATM Douro, version 7.1, is affected by a vulnerability described as improper checking for unusual or exceptional conditions. The issue could allow a physical attacker to exit kiosk mode, access the underlying Xwindow interface, and execute arbitrary commands as an unprivileged use...
CVE-2024-0675 Improper checking for unusual or exceptional conditions vulnerability in Lamassu Bitcoin ATM Douro machines
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary...
CVE-2024-0675 Improper checking for unusual or exceptional conditions vulnerability in Lamassu Bitcoin ATM Douro machines
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary...
CVE-2024-0674
CVE-2024-0674 describes a privilege-escalation in Lamassu Bitcoin ATM Douro machines (version 7.1). A local user can modify updatescript.js and create done.txt, causing the watchdog to run as root and execute the payload in updatescript.js. Connected sources corroborate this root-level impact and...
CVE-2024-0674 Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process...
CVE-2024-0674 Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process...