16 matches found
EUVD-2023-12768
Malicious code in bioql PyPI...
CVE-2023-0750
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an attacker to : - Change the password, resulting in a DOS of the users - Change the streaming...
postaelettronicacertificata-pec.it Improper Access Control vulnerability OBB-3843900
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject toolkit called drIBAN since at least 2019. "The main goal of drIBAN fraud operations is to infect Windows workstations inside corporate environments trying to alter...
CVE-2023-0750
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an attacker to : - Change the password, resulting in a DOS of the users - Change the streaming...
Authentication flaw
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an attacker to : - Change the password, resulting in a DOS of the users - Change the streaming...
CVE-2023-0750 Yellowbrik PEC-1864 authentication bypass
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an attacker to : - Change the password, resulting in a DOS of the users - Change the streaming...
CVE-2023-0750
CVE-2023-0750 affects the Yellobrik PEC-1864 front-end authentication. The vulnerability stems from authentication checks implemented via JavaScript in the device’s frontend, which can be bypassed when the device is reachable over the network. Exploitation could allow an attacker to: change the p...
CVE-2023-0750 Yellowbrik PEC-1864 authentication bypass
Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an attacker to : - Change the password, resulting in a DOS of the users - Change the streaming...
LYNX Technik Yellobrik PEC-1864 安全漏洞
The LYNX Technik Yellobrik PEC-1864 is a versatile and compact SDI/HDMI H.264 streamer and recorder from LYNX Technik. A security vulnerability exists in the LYNX Technik Yellobrik PEC-1864 version, which stems from an authentication check implemented via javascript in the front-end interface,...
pec-oswiecim.com.pl Cross Site Scripting vulnerability OBB-3072100
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GSD-2022-1006031 i2c: cadence: Support PEC for SMBus block read
i2c: cadence: Support PEC for SMBus block read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...
GSD-2022-1005872 i2c: cadence: Support PEC for SMBus block read
i2c: cadence: Support PEC for SMBus block read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1005622 i2c: cadence: Support PEC for SMBus block read
i2c: cadence: Support PEC for SMBus block read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
GSD-2022-1005279 i2c: cadence: Support PEC for SMBus block read
i2c: cadence: Support PEC for SMBus block read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit
No description provided by source. !/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print " phpEventCalendar = v0.2.3 SQL Injection Exploit By Iron - ironwarez.info Thanks to Silentz for the help : Greets to everyone at RootShell Security Group & dHack Example target url:...