Lucene search
K

314 matches found

NVD
NVD
added 2021/06/11 3:15 p.m.27 views

CVE-2021-25409

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device...

2.4CVSS0.00104EPSS
Exploits0References1
Prion
Prion
added 2021/06/11 3:15 p.m.20 views

Improper access control

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device...

2.1CVSS4.2AI score0.00104EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/11 2:33 p.m.27 views

CVE-2021-25409

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device...

4.2AI score0.00104EPSS
Exploits0References1
CNVD
CNVD
added 2021/04/01 12:0 a.m.7 views

Samsung Account Log Information Disclosure Vulnerability

Samsung Account is a cell phone account of the South Korean company Samsung Samsung. Samsung Account prior to version 12.1.1.3 suffers from a security vulnerability that allows physically proximate attackers to access user information via logs. No details of the vulnerability are available at thi...

3.9CVSS6.5AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2021/03/12 5:15 p.m.19 views

CVE-2021-21367

Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running in discoverable mode, Bluetooth service requests and pairing requests are automatically accepted, allowing physically...

8.1CVSS6.9AI score
Exploits0References6
Prion
Prion
added 2021/03/12 5:15 p.m.19 views

Authorization

Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running in discoverable mode, Bluetooth service requests and pairing requests are automatically accepted, allowing physically...

4.3CVSS8.1AI score0.00514EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2021/03/04 10:15 p.m.26 views

CVE-2021-25340

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State...

5.1CVSS0.0012EPSS
Exploits0References2
NVD
NVD
added 2021/01/19 10:15 p.m.29 views

CVE-2020-27269

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences...

5.7CVSS6.4AI score0.00499EPSS
Exploits0References1
Prion
Prion
added 2021/01/19 5:15 p.m.14 views

Code injection

SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in transit which allows unauthenticated physically proximate attacker to sniff keys via BLE...

2.9CVSS6.3AI score0.00262EPSS
Exploits0References1Affected Software3
Prion
Prion
added 2021/01/19 5:15 p.m.19 views

Code injection

SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump before exchanging keys, which allows unauthenticated, physically proximate attackers to eavesdrop t...

2.9CVSS6.3AI score0.00468EPSS
Exploits0References1Affected Software3
NVD
NVD
added 2021/01/08 4:15 p.m.33 views

CVE-2020-27260

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

5.3CVSS5.6AI score0.00433EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/01/08 3:17 p.m.25 views

CVE-2020-27260

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

5.6AI score0.00433EPSS
Exploits0References1
Prion
Prion
added 2020/11/16 4:15 a.m.16 views

Code injection

The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainmen...

7.2CVSS7AI score0.00334EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/09/23 1:15 a.m.23 views

CVE-2019-15959

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit...

6.6CVSS0.00363EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/04/29 12:0 a.m.63 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4345-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4345-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondar...

7.5CVSS7.5AI score0.0415EPSS
Exploits2References10
Prion
Prion
added 2020/02/06 3:15 p.m.14 views

Buffer overflow

Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name...

4.6CVSS7.5AI score0.00405EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/06 2:3 p.m.18 views

CVE-2014-8271

Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name...

6.8AI score0.00405EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/01/31 4:15 p.m.23 views

CVE-2014-4859

Integer overflow in the Drive Execution Environment DXE phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data...

7.2CVSS6.7AI score0.00587EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/01/31 4:15 p.m.35 views

CVE-2014-4860

Multiple integer overflows in the Pre-EFI Initialization PEI boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase...

7.2CVSS6.8AI score0.00504EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-2695)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.2CVSS5.5AI score0.00576EPSS
Exploits0References2
Rows per page
Query Builder