Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.9 views

CVE-2026-50226

Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links...

6.9CVSS5.6AI score0.00187EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 9:34 a.m.15 views

CVE-2026-50226

CVE-2026-50226 affects the AcerConnect OTA application. The issue arises from fixed AES-128-CBC keys inside the app, allowing attackers to forge authorization credentials for arbitrary IMEI numbers. This enables unauthorized actors to list catalog items and extract protected binaries from pre-sig...

6.9CVSS5.9AI score0.00187EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/04 12:0 a.m.13 views

CVE-2026-36176

GNCC GP5 v7.1.76 stores pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext on the serial console. This enables physically proximate attackers to extract active tokens and perform unauthorized operations via the serial UART interface. Root cause: tokens exposed in plaintext to the con...

7.1CVSS5.8AI score0.00103EPSS
Exploits0References2
NCSC
NCSC
added 2024/04/19 12:0 a.m.6 views

Vulnerabilities fixed in Owncloud

Vulnerabilities have been fixed in Owncloud. A malicious party could exploit the vulnerabilities to cause a denial-of-service cause, or to bypass authentication and gain access to the victim's data. Owncloud has released updates to fix the vulnerabilities in Owncloud. For more information, see:...

7.4AI score
Exploits0
Rows per page
Query Builder