347 matches found
Hardcoded credentials
Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive SED protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and...
Hardcoded credentials
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitud...
CVE-2015-7268
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops wi...
CVE-2015-7268
The CVE-2015-7268 entry describes a hardware-level vulnerability affecting Samsung 850 Pro/PM851 SSDs and Seagate ST500LT015/ST500LT025 HDDs when used with Windows and specific Opal/eDrive configurations on certain Lenovo/Dell laptops. The issue allows physically proximate attackers to bypass sel...
CVE-2015-7269
Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive SED protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and...
CVE-2015-7269
Summary: The CVE-2015-7269 vulnerability affects Seagate ST500LT015 hard drives in Lenovo ThinkPad W541 laptops running BIOS 2.21, where an attacker in close physical proximity can bypass the drive’s self-encrypting drive (SED) protection by a “Hot Unplug Attack" using a second SATA connector and...
CVE-2015-7267
The CVE-2015-7267 entry applies to Samsung 850 Pro/PM851 SSDs and Seagate ST500LT015/ST500LT025 HDDs used in Lenovo ThinkPad T440s (BIOS 2.32) and W541 (BIOS 2.21), Dell Latitude E6410 (BIOS A16), and Latitude E6430 (BIOS A16). It describes a physical-access risk where, when the drives operate in...
CVE-2015-7267
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitud...
seagate-trogir.com XSS vulnerability
Open Bug Bounty ID: OBB-400598 Description| Value ---|--- Affected Website:| seagate-trogir.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
seagate-trogir.com XSS vulnerability
Vulnerable URL: http://www.seagate-trogir.com/searchResult.php?lang=%27%22/%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3E=16=Search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...
CVE-2013-6924
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php...
Design/Logic Flaw
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php...
CVE-2013-6924
Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php...
CVE-2013-6924
Affected product: Seagate BlackArmor NAS sg2000-2000.1331. Vulnerability details: The firmware exposes an HTTP parameter in backupmgt/getAlias.php where a user-supplied ip value is used in shell commands (via grep/exec) without proper sanitization, allowing manipulation of the command line. This ...
Design/Logic Flaw
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens...
CVE-2014-8687
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens...
CVE-2014-8687
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens...
CVE-2014-8687
CVE-2014-8687 affects Seagate Business NAS devices with firmware older than 2015.00322. The vulnerability allows remote code execution with root privileges by exploiting a static encryption key used to create session tokens, enabling unauthenticated command execution via the CodeIgniter session c...
Seagate Business NAS - Unauthenticated Remote Command Execution Exploit
Exploit for linux platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class MetasploitModule 'Seagate Business NAS Unauthenticated Remote...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...