138 matches found
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
CVE-2019-12328
A command injection missing input validation issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request...
CVE-2019-5964
iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors...
CVE-2018-16219
A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker in the same network as the device to change the admin password without authentication via a POST request...
CVE-2019-9938
The SHAREit application before 4.0.42 for Android allows a remote attacker on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated to download arbitrary files from the device including contacts, photos, videos, sound clips, etc. The...
CVE-2018-16200
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands...
CVE-2018-16198
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
CVE-2018-16186
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached D5520, D6500, D6510, D7500, D8400, and the display versions with RICOH Interactive Whiteboard Controller Type2 V3....
CVE-2018-16192
Aterm WF1200CR and Aterm WG1200CR Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors...
USN-3807-1 network-manager vulnerability
Felix Wilhelm discovered that the NetworkManager internal DHCPv6 client incorrectly handled certain DHCPv6 messages. In non-default configurations where the internal DHCP client is enabled, an attacker on the same network could use this issue to cause NetworkManager to crash, resulting in a denia...
CVE-2018-0662
Multiple I-O DATA network camera products TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code...
CVE-2017-1183
IBM Tivoli Monitoring Portal v6 could allow a local network adjacent attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494...
CVE-2016-7830
Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via...
Broadcom WiFi SoC Privilege Acquisition Vulnerability
The WiFi SoC is a Wifie NIC chip from Broadcom Corporation. The Broadcom WiFi SoC contains a privilege acquisition vulnerability that can be exploited by an attacker to completely take over a device that is using a Broadcom wireless card on the same WiFi network and does not require interaction...
Secure Item Hub Arbitrary File Upload Vulnerability
Secure Item Hub app is able to transfer files between iphone or ipad and computer on the same wifi network. Secure Item Hub has an arbitrary file upload vulnerability that can be exploited by remote attackers to upload files and obtain sensitive information...
Secure Item Hub Persistent Input Validation Vulnerability
Secure Item Hub app is able to transfer files between iphone or ipad and computer on the same wifi network. A persistent input validation vulnerability exists in Secure Item Hub, which could allow a remote attacker to inject malicious persistent script code on the application side of the mobile a...
Fiat Chrysler Automobiles Uconnect Remote Elevation of Privilege Vulnerability
Fiat Chrysler Automobiles Uconnect is a suite of in-car information systems from Fiat Chrysler Automobiles FCA in the United States. An unspecified vulnerability exists in Fiat Chrysler Automobiles Uconnect 15.26.1. A remote attacker on the same mobile network could exploit this vulnerability by...