CVE-2022-46308

SGUDA U-Lock central lock control service’s user management function has incorrect authorization. A remote attacker with general user privilege can exploit this vulnerability to call privileged APIs to access, modify and delete user information...

PT-2023-14904 · Sguda · Sguda U-Lock

Name of the Vulnerable Software and Affected Versions: SGUDA U-Lock central lock control service affected versions not specified Description: The issue is related to incorrect authorization in the lock management function of the SGUDA U-Lock central lock control service. A remote attacker with...

CVE-2022-46307

SGUDA U-Lock central lock control service’s lock management function has incorrect authorization. A remote attacker with general privilege can exploit this vulnerability to call privileged APIs to acquire information, manipulate or disrupt the functionality of arbitrary electronic locks...

CVE-2019-16924

The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers after sniffing the network to take control of the lock...

CVE-2019-16924

The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers after sniffing the network to take control of the lock...

CVE-2019-5633

An insecure storage of sensitive information vulnerability is present in Hickory Smart for iOS mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for iOS,...

CVE-2019-5632

An insecure storage of sensitive information vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. The application's database was found to contain information that could be used to control the lock devices remotely. This issue affects Hickory Smart for...

SUSE SLED15 / SLES15 Security Update : 389-ds (SUSE-SU-2019:1207-2)

This update for 389-ds fixes the following issues : The following security vulnerabilities were addressed : CVE-2018-10850: Fixed a race condition on reference counter that would lead to a denial of service using persistent search bsc1096368 CVE-2017-15134: Fixed a remote denial of service via...

openSUSE Security Update : 389-ds (openSUSE-2019-1397)

This update for 389-ds fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-10850: Fixed a race condition on reference counter that would lead to a denial of service using persistent search bsc1096368 - CVE-2017-15134: Fixed a remote denial of service vi...

BEWARD Intercom 2.3.1 - Credentials Disclosure

!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...

BEWARD Intercom 2.3.1 Credential Disclosure

!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...

Red Hat 389 Directory Server vslapd_log_emergency_error Denial of Service (CVE-2018-14624)

A denial-of-service vulnerability has been reported in 389 Directory Server. The vulnerability is due to improper use of the lock controlling the error log when the log file is reopened. A remote, unauthenticated attacker could send LDAP requests to a very large DN to trigger the vulnerability...