16 matches found
EUVD-2019-6364
Malware in sbrugna...
EUVD-2012-4781
Malware in sbrugna...
CVE-2020-7579
A vulnerability has been identified in Spectrum Power™ 5 All versions v5.50 HF02. The web server could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to...
CVE-2019-15363
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
Cross site scripting
A vulnerability has been identified in Spectrum Power™ 5 All versions v5.50 HF02. The web server could allow Cross-Site Scripting XSS attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to...
CVE-2020-7579
CVE-2020-7579 affects Siemens Spectrum Power 5 web server, with all versions prior to 5.50 HF02 vulnerable to basic Cross‑Site Scripting (XSS). The flaw arises in the web interface where script-related HTML tags are not properly neutralized, allowing an attacker to lure a user to a malicious link...
Siemens Spectrum Power 5
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power 5 Vulnerability: Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS 2. RISK EVALUATION Successful exploitation of this vulnerability could...
CVE-2019-15363
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
Authorization
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
CVE-2019-15363
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
CVE-2019-15363
CVE-2019-15363 affects the Leagoo Power 5 Android device (build fingerprint LEAGOO/Power_5/Power_5:8.1.0/O11019/1532686195:user/release-keys). A pre-installed app with package name com.mediatek.wfo.impl (versionCode 27, versionName 8.1.0) exposes an interface that allows any co-located app to mod...
CVE-2012-4856
The Service Processor in the IBM Power 5 91- and 940- before SF240418382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspecified vectors...
Code injection
The Service Processor in the IBM Power 5 91- and 940- before SF240418382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2012-4856
The CVE-2012-4856 vulnerability affects the IBM Power 5 Service Processor (multiple MTMs listed in vendor advisories) where the firewall code is not executed in certain network configurations, enabling remote attackers to execute arbitrary code. The underlying issue is the Service Processor faili...
CVE-2012-4856
The Service Processor in the IBM Power 5 91- and 940- before SF240418382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspecified vectors...
IBM Power 5 Service Processor privilege escalation vulnerability
Overview IBM Power 5 Service Processor contain a vulnerability which could allow an attacker to operate with elevated privileges. Description IBM's security advisory states, "A security issue has been identified on IBM Power 5 Systems such that the firewall code does not get executed in certain...