16 matches found
EUVD-2021-26008
Malware in sbrugna...
CVE-2024-41798
A vulnerability has been identified in SENTRON 7KM PAC3200 All versions. Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by...
SUSE CVE-2023-28647
Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain...
App pin of the iOS app can be bypassed
None...
PT-2023-21872 · Nextcloud · Nextcloud Ios
Name of the Vulnerable Software and Affected Versions: Nextcloud iOS versions prior to 4.7.0 Description: The issue affects the Nextcloud iOS application, which is used to interface with the Nextcloud home cloud ecosystem. When an attacker has physical access to an unlocked device, they may enabl...
PUB-A-193438173
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Canon LBP6030w - Authentication Bypass
Canon LBP6030w - Authentication Bypass. CVE-2018-12049. Webapps exploit for Hardware platform Exploit Title: Canon LBP6030w - Authentication Bypass Date: 2018-06-07 Exploit Author: Huy Kha Vendor Homepage: http://global.canon.com Version: LBP6030w Severity: High Leads to full System Manager Mode...
Anti-Skimmer Detector for Skimmer Scammers
Crooks who make and deploy ATM skimmers are constantly engaged in a cat-and-mouse game with financial institutions, which deploy a variety of technological measures designed to defeat skimming devices. The latest innovation aimed at tipping the scales in favor of skimmer thieves is a small, batte...
Critical Vulnerability and Privacy LoopHole Found in RoboForm Password Manager
Unless you are a human supercomputer, remembering password is not so easy, and that too if you have a different password for each site. But luckily to make the whole process very easy, there is a growing market out there for password managers and lockers with extra layers of security. But, if you...
[CVE-2013-5112] Evernote Android Insecure Storage of PIN data / Bypass of PIN protection
Evernote Android Insecure Storage of PIN data / Bypass of PIN protection Product: Evernote Android Project Homepage: evernote.com Internal Advisory ID: c22-2013-03 / c22-2013-04 Vulnerable Versions: Android version 5.5.0 and prior Tested Version: Android 5.x Android 4.2/4.3 Vendor Notification: A...
Twitter Downplays SMS-Spoofing Issue
Twitter officials say that a researcher’s claims that the service is open to an SMS-spoofing vulnerability are not completely accurate, and that Twitter users in the United States are not vulnerable to the attack. Moxie Marlinspike of Twitter’s security team said that the company in August had...
Twitter Resolves SMS Bug (For Some Users)
UPDATE–A day after an independant security researcher disclosed a vulnerability in SMS-enabled Twitter accounts, the social network giant announced it’s fixed the flaw – at least for some users. Those who use a “long code” and/or cannot use a PIN code remain at risk. The update came Tuesday eveni...
HITB2011KUL - Chip & PIN - Protocol Analysis EMV POS
Document Title: =============== HITB2011KUL - Chip & PIN - Protocol Analysis EMV POS References: =========== Download: http://www.vulnerability-lab.com/resources/videos/399.wmv View: http://www.youtube.com/watch?v=5zFlqMFWYhc Release Date: ============= 2012-01-25 Vulnerability Laboratory ID VL-I...
HITB2011KUL - Chip & PIN - Protocol Analysis EMV POS
Document Title: =============== HITB2011KUL - Chip & PIN - Protocol Analysis EMV POS References: =========== Download: http://www.vulnerability-lab.com/resources/videos/399.wmv View: http://www.youtube.com/watch?v=5zFlqMFWYhc Release Date: ============= 2012-01-25 Vulnerability Laboratory ID VL-I...
Gentoo Security Advisory GLSA 200812-09 (opensc)
The remote host is missing updates announced in advisory GLSA 200812-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200812-09 (opensc)
The remote host is missing updates announced in advisory GLSA 200812-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...