6 matches found
CVE-2024-29840
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOPEDITUSERGETPINFIELDS, allowing for an unauthenticated attacker to return the pin value of any user...
CVE-2024-29840
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOPEDITUSERGETPINFIELDS, allowing for an unauthenticated attacker to return the pin value of any user...
CVE-2016-2439
Buffer overflow in btif/src/btifdm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268...
Janitza UMG Session Token Flaw Vulnerability
The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. Janitza UMG 508, 509, 511, 604,605 has a session-token flaw. Allows a remote attacker to perform calculations on the session-token value and determine the PIN value...
CVE-2015-3973
Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values...
CVE-2015-3973
Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values...