534 matches found
PT-2022-25333 · Ubports · Ubports Ubuntu Touch
Name of the Vulnerable Software and Affected Versions: UBports Ubuntu Touch version 16.04 Description: The issue allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, which is far below the typical length and complexity for a user account...
Exploit for Improper Privilege Management in Ubports Ubuntu_Touch
UPDATE 09.09.2022 I got new CV...
CVE-2022-36558
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...
Hardcoded credentials
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...
CVE-2022-36558
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg...
CVE-2022-36558
CVE-2022-36558 affects Seiko SkyBridge MB-A100/110 (firmware 4.2.0 and earlier). The root account uses a hard-coded passcode that can be read from /etc/ciel.cfg, enabling unauthorized admin access. Impact: admin/root-level control of the device. Mitigation per connected docs: update firmware to S...
PT-2022-23467 · Seiko · Seiko Skybridge Mb-A100/A110
Name of the Vulnerable Software and Affected Versions: Seiko SkyBridge MB-A100/A110 versions 4.2.0 and below Description: The issue concerns a hard-coded passcode for the root account, which can be accessed by attackers through the file /etc/ciel.cfg. Recommendations: For versions 4.2.0 and below...
Session 授权问题漏洞
Session is a new type of encrypted private messenger open-sourced by Oxen. A security vulnerability exists in Session version 1.13.0. An attacker exploited the vulnerability to bypass an application's password or passcode lock to access user data...
CVE-2022-29948
Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...
CVE-2022-29948
Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...
Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices
After a decent amount of pressure, Owl Labs has finally released updates for vulnerabilities in Meeting Owl, and Whiteboard Owl cameras. The vulnerabilities were reported to Owl Labs in January, One of the vulnerabilities, CVE-2022-31460 has been added to the Known exploited vulnerabilities catal...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-28384
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affects Keypad Secure USB 3.2 Gen 1 Drive Part...
CVE-2022-31459
Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth...
CVE-2022-31461
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message...
CVE-2022-31461
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message...
CVE-2022-31459
Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth...
CVE-2022-31459
Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the passcode hash via a certain c 10 value over Bluetooth...
CVE-2022-31461
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message...
Code injection
Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message...