21 matches found
EUVD-2008-2232
Malware in sbrugna...
EUVD-2025-31593
Malicious code in bioql PyPI...
CVE-2025-57197
In the Payeer Android application 2.5.0, an improper access control vulnerability exists in the authentication flow for the PIN change feature. A local attacker with root access to the device can dynamically instrument the app to bypass the current PIN verification check and directly modify the...
PT-2025-39852
Name of the Vulnerable Software and Affected Versions: Payeer Android application version 2.5.0. Description: An improper access control issue exists in the authentication process for changing the PIN in the Payeer Android application. A local attacker with root access to the device can bypass the P...
CVE-2011-1104
Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages, (3) add a delivery address, or (4) change a delivery address...
SUSE CVE-2008-2235
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN...
CVE-2021-37116
PCManager has a Weaknesses Introduced During Design vulnerability. Successful exploitation of this vulnerability may cause the PIN of the subscriber to be changed...
CVE-2021-37116
PCManager has a Weaknesses Introduced During Design vulnerability. Successful exploitation of this vulnerability may cause the PIN of the subscriber to be changed...
A week in security (August 16 – August 22)
Last week on Malwarebytes Labs: Podcast: Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks. How to troubleshoot hardware problems that look like malware problems. Analysts “strongly believe” the Russian state colludes with ransomware gangs. macOS 11’s hidden security...
CVE-2016-0915
The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime Self-Service 3.0 and 3.1 before 3.1 1915.42871 allows remote authenticated users to cause a denial of service (PIN change for an arbitrary user) via a modified token serial number within a PIN change request, related to a "direct...
CVE-2016-0915
The Self-Service Portal in EMC RSA Authentication Manager (AM) Prime Self-Service 3.0 and 3.1 before 3.1 1915.42871 allows remote authenticated users to cause a denial of service (PIN change for an arbitrary user) via a modified token serial number within a PIN change request, related to a "direct...
CVE-2016-0915
CVE-2016-0915 affects the Self-Service Portal in EMC RSA Authentication Manager Prime Self-Service 3.0 and 3.1 (before 3.1 1915.42871). The vulnerability is a direct object reference flaw that allows remote authenticated users to cause a denial of service by altering a token serial number within ...
Mutare Software EVM 2.2.9 Cross Site Request Forgery / Cross Site Scripting
Description: Mutare Software EVM 2.2.9 (possibly earlier versions) is vulnerable to CSRF and XSS. An attacker could do the following to a user's EVM settings: A. Change their EVM PIN B. Delete all of their voice messages C. Change or add any of their delivery addresses for voicemails CERT Vulnerabili...
CVE-2011-1104
Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages, (3) add a delivery address, or (4) change a delivery address...
Debian Security Advisory DSA 1627-1 (opensc)
The remote host is missing an update to opensc announced via advisory DSA 1627-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
[SECURITY] [DSA 1627-1] New opensc packages fix smart card vulnerability
Debian Security Advisory DSA-1627-1 http://www.debian.org/security/ Thijs Kinkhorst August 04, 2008 http://www.debian.org/security/faq -...
Design/Logic Flaw
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN...
DEBIAN-CVE-2008-2235
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN...
CVE-2008-2235
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN...
CVE-2008-2235
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN...