Beetel 777VR1 Access Control Vulnerability

Beetel 777VR1 is a router produced by the Beetel company. Versions of Beetel 777VR1 prior to 01.00.09/01.00.0955 contain a vulnerability related to access control. This vulnerability stems from improper access control in the UART interface, which could lead to physical device attacks...

EUVD-2015-1984

Malware in sbrugna...

EUVD-2006-4967

Malware in sbrugna...

EUVD-2014-4359

Malware in sbrugna...

EUVD-2020-5718

Malware in sbrugna...

EUVD-2020-5719

Malware in sbrugna...

EUVD-2013-4720

Malware in sbrugna...

EUVD-2017-17792

Malware in sbrugna...

EUVD-2015-3084

Malware in sbrugna...

EUVD-2024-43430

Malicious code in bioql PyPI...

EUVD-2023-35040

Malicious code in bioql PyPI...

EUVD-2023-47008

Malicious code in bioql PyPI...

EUVD-2024-18609

Malicious code in bioql PyPI...

Beyond Vulnerabilities: a Survey of Adversarial Attacks As Both Threats and Defenses in Computer Vision Systems

Adversarial attacks against computer vision systems have emerged as a critical research area that challenges the fundamental assumptions about neural network robustness and security. This comprehensive survey examines the evolving landscape of adversarial techniques, revealing their dual nature a...

In-Context Learning of Vision Language Models for Detection of Physical and Digital Attacks against Face Recognition Systems

Recent advances in biometric systems have significantly improved the detection and prevention of fraudulent activities. However, as detection methods improve, attack techniques become increasingly sophisticated. Attacks on face recognition systems can be broadly divided into physical and digital...

Narrowing the Gap between TEEs Threat Model and Deployment Strategies

Confidential Virtual Machines CVMs provide isolation guarantees for data in use, but their threat model does not include physical level protection and side-channel attacks. Therefore, current deployments rely on trusted cloud providers to host the CVMs' underlying infrastructure. However, TEE...

CVE-2024-20827

Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen...

CVE-2024-20840

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen...

Threats in space (or rather, on Earth): internet-exposed GNSS receivers

What is GNSS? Global Navigation Satellite Systems GNSS are collections, or constellations of satellite positioning systems. There are several GNSSs launched by different countries currently in operation: GPS US, GLONASS Russia, Galileo EU, BeiDou Navigation Satellite System BDS, China, Navigation...

Security Bulletin: IBM DataPower Gateway vulnerable to physical attacks and DoS.

Summary CVE-2023-1073, CVE-2023-1079, CVE-2023-4132 require physical access to the appliance with malicious USB device. CVE-2023-1206 can allow an attacker with a high bandwidth connection to consume excessive CPU resources. Vulnerability Details CVEID:CVE-2023-1073 DESCRIPTION: Linux Kernel coul...