40 matches found
EUVD-2007-0009
Malware in sbrugna...
EUVD-2020-23825
Malware in sbrugna...
CVE-2020-36283
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...
HID Global Encoders
1. EXECUTIVE SUMMARY: CVSS v3 5.9; ATTENTION: Exploitable locally; Vendor: HID Global; Equipment: iCLASS SE, OMNIKEY; Vulnerability: Improper Authorization. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to read data from reader configuration...
HID Global OMNIKEY Security Breach
HID Global OMNIKEY is a hardware device from HID Global, Inc. It is used to read cards. A security vulnerability exists in the HID Global OMNIKEY and iCLASS SE. An attacker could exploit the vulnerability to obtain sensitive information...
PT-2024-19381 · Hid Global · Omnikey 5023 Readers +15
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns certain configurations in the communication channel for encoders that could expose sensitive data when reader configuration cards are...
SUSE CVE-2007-0005
Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges...
esc bug fix and enhancement update
The esc packages contain the Enterprise Security Client (ESC), which allows the user to manage security smart cards. The primary function of the tool is to enroll smart cards, so that they can be used for common cryptographic operations, such as to secure e-mail and website access. Bug Fixes and...
The vulnerability of the EEM driver (Ethernet Emulation Mode) of the microprogramming software for smart card readers from the OMNIKEY 5427 and OMNIKEY 5127 series allows a hacker to perform cross-site scripting attacks.
The vulnerability of the EEM driver (Ethernet Emulation Mode) of the microprogramming software for smart card readers from the OMNIKEY 5427 and OMNIKEY 5127 series is related to insufficient verification of the authenticity of the requests being sent. Exploiting this vulnerability allows a maliciou...
Cross site scripting
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...
CVE-2020-36283
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode). By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...
CVE-2020-36283
The CVE-2020-36283 issue affects HID OMNIKEY 5427 and OMNIKEY 5127 readers. A CSRF flaw in the Ethernet Emulation Mode (EEM) driver allows an authenticated user, lured to a malicious site, to send a crafted HTTP request that uploads a configuration file to the device. This can enable cross-site s...
HID Global OMNIKEY Cross-Site Request Forgery Vulnerability
HID Global OMNIKEY is a hardware device from HID Global, Inc. It is used to read cards. A security vulnerability exists in the HID OMNIKEY 5427 and OMNIKEY 5127 readers, which can be exploited by a remote attacker to upload a configuration file by convincing an authenticated user to visit a...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. The vulnerability exists as a flaw in the Omnikey CardMan 4040 driver that allowed a local user to execute arbitrary code with kernel privileges. In order to exploit this issue, the Omnikey CardMan 4040 PCMCIA card must be present and the local us...
HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service Vulnerability
HID ActivID ActivClient version 7.1.0.202 may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly. HID ActivID ActivClient 7.1.0.20...
Mandriva Update for kernel MDKSA-2007:078 (kernel)
Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDKSA-2007:078 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1
Ubuntu Update for Linux kernel vulnerabilities USN-486-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4861.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-486-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-489-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1
Ubuntu Update for Linux kernel vulnerabilities USN-489-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4891.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15 vulnerability USN-489-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu 6.10 : linux-source-2.6.17 vulnerabilities (USN-486-1)
The compat_sys_mount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. (CVE-2006-7203) The Omnikey CardMan 4040 driver (cm4040_cs) did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...