Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-54661

Malicious code in bioql PyPI...

7.6CVSS7AI score0.00663EPSS
Exploits1References4
OSV
OSV
added 2024/01/15 2:15 p.m.2 views

CVE-2023-4818

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used. The attacker must have physical USB access to the device in order to exploit this vulnerability...

7.6CVSS5.8AI score0.00663EPSS
Exploits1References4
NVD
NVD
added 2024/01/15 2:15 p.m.18 views

CVE-2023-4818

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used. The attacker must have physical USB access to the device in order to exploit this vulnerability...

7.6CVSS7.3AI score0.00663EPSS
Exploits1References4
Prion
Prion
added 2024/01/15 2:15 p.m.10 views

Design/Logic Flaw

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used. The attacker must have physical USB access to the device in order to exploit this vulnerability...

4.6CVSS6.8AI score0.00663EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/15 1:28 p.m.2 views

CVE-2023-4818

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used. The attacker must have physical USB access to the device in order to exploit this vulnerability...

6.8AI score0.00663EPSS
Exploits1References4
CVE
CVE
added 2024/01/15 1:28 p.m.52 views

CVE-2023-4818

CVE-2023-4818 affects PAX A920 bootloader downgrade due to a bug in the version check. The signature check remains intact and only bootloaders signed by PAX are accepted. Exploitation requires physical USB access to the device. The connected documents confirm the vulnerability and its physical-ac...

7.6CVSS7.3AI score0.00663EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/01/15 1:28 p.m.22 views

CVE-2023-4818

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader signed by PAX can be used. The attacker must have physical USB access to the device in order to exploit this vulnerability...

7.4AI score0.00663EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.4 views

PAX Technology A920 Security Vulnerability

PAX Technology A920 is an Android mobile payment terminal from PAX Technology. A security vulnerability exists in PAX Technology A920 PayDroid8.1.0SagittariusV11.1.4520230314 and prior versions, which originates from the ability to bypass input validation when refreshing a specific partition, and...

7.6CVSS7.2AI score0.00663EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2024/01/15 12:0 a.m.3 views

PT-2024-1564 · Pax · Pax A920

Name of the Vulnerable Software and Affected Versions: PAX A920 device affected versions not specified Description: The issue is related to a bug in the version check of the PAX A920 device's bootloader, allowing it to be downgraded. The device correctly checks the signature and only allows...

7.6CVSS6.6AI score0.00663EPSS
Exploits1References17
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.7 views

PAX Technology A920 Injection Vulnerability

PAX Technology A920 is an Android mobile payment terminal from PAX Technology. The PAX Technology A920 suffers from a security vulnerability that originates from a version checking error, which can be exploited by an attacker to steer the loader to downgrade to a vulnerable version, leading to...

7.6CVSS7.4AI score0.00663EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.6 views

PAX Technology A920 Security Vulnerability

PAX Technology A920 is an Android mobile payment terminal from PAX Technology. A security vulnerability exists in PAX Technology A920 PayDroid8.1.0SagittariusV11.1.4520230314 and earlier versions, which originates from allowing to overwrite the signature partition, and can be exploited by an...

7.6CVSS7.1AI score0.00663EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2023/04/14 1:15 p.m.3 views

CVE-2023-26980

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher wil...

7CVSS7AI score0.0028EPSS
Exploits1References4
OSV
OSV
added 2023/04/14 1:15 p.m.5 views

CVE-2023-26980

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher wil...

7CVSS7AI score0.0028EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/04/14 12:0 a.m.6 views

PAX Technology PAX A920 Pro PayDroid 竞争条件问题漏洞

PAX Technology PAX A920 Pro PayDroid is an Android payment terminal with a large HD screen, high-quality camera and scanner, and a high-speed printer from PAX Global PAX Technology, China. PAX Technology PAX A920 Pro PayDroid version 8.1 suffers from a Competitive Condition Issue vulnerability th...

7CVSS7.1AI score0.0028EPSS
Exploits1References4
Rows per page
Query Builder