Lucene search
K

60 matches found

OSV
OSV
added 2023/06/15 11:15 a.m.6 views

CVE-2023-32229

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option signing of the video stream with option MD5, SHA-1 or SHA-256...

6.5CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/06/15 11:15 a.m.13 views

Design/Logic Flaw

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option signing of the video stream with option MD5, SHA-1 or SHA-256...

4CVSS6.5AI score0.0059EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2023/06/15 10:3 a.m.56 views

CVE-2023-32229

CVE-2023-32229 affects Bosch IP cameras in the CPP13/CPP14 families. The issue arises from an error in the software interface to the secure element chip, which can permanently damage the chip when enabling the Stream security option (signing the video stream) with MD5, SHA-1 or SHA-256. Public re...

6.5CVSS6.5AI score0.0059EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/15 10:3 a.m.7 views

CVE-2023-32229

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option signing of the video stream with option MD5, SHA-1 or SHA-256...

4.9CVSS7AI score0.0059EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 10:3 a.m.28 views

CVE-2023-32229

Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option signing of the video stream with option MD5, SHA-1 or SHA-256...

4.9CVSS6.7AI score0.0059EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.4 views

PT-2023-23672 · Bosch · Bosch Ip Cameras

Name of the Vulnerable Software and Affected Versions: Bosch IP cameras of family CPP13 and CPP14 affected versions not specified Description: The issue arises from an error in the software interface to the secure element chip. This error can cause permanent damage to the chip when the Stream...

6.5CVSS6.3AI score0.0059EPSS
Exploits0References4
OSV
OSV
added 2021/05/21 12:15 p.m.4 views

CVE-2020-12061

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...

9.8CVSS5.6AI score0.01853EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/05/21 11:3 a.m.21 views

CVE-2020-12061

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attack...

9.3AI score0.01853EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.4 views

Nitrokey FIDO U2F 安全漏洞

Nitrokey FIDO2 is an open source security key that supports FIDO2 and U2F standards for strong two-factor authentication and passwordless login. A security vulnerability exists in Nitrokey FIDO U2F firmware version 1.1 and prior versions, which stems from the fact that communications between the...

9.8CVSS8.3AI score0.01853EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/05/21 12:0 a.m.3 views

PT-2021-9436 · Nitrokey · Nitrokey Fido U2F

Name of the Vulnerable Software and Affected Versions: Nitrokey FIDO U2F firmware versions through 1.1 Description: An issue in the communication between the microcontroller and the secure element allows an adversary to eavesdrop and derive secrets stored in the microcontroller, enabling arbitrar...

9.8CVSS9.4AI score0.01853EPSS
Exploits1References5
OSV
OSV
added 2020/11/08 5:15 a.m.4 views

CVE-2020-28341

An issue was discovered on Samsung mobile devices with Q10.0 Exynos990 chipsets software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 November 2020...

7.8CVSS7.8AI score0.00185EPSS
Exploits0References1
Prion
Prion
added 2020/11/08 5:15 a.m.24 views

Buffer overflow

An issue was discovered on Samsung mobile devices with Q10.0 Exynos990 chipsets software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 November 2020...

4.6CVSS7.9AI score0.00185EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/08 4:3 a.m.29 views

CVE-2020-28341

An issue was discovered on Samsung mobile devices with Q10.0 Exynos990 chipsets software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 November 2020...

8AI score0.00185EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/07/26 1:22 p.m.35 views

Titan Security Keys – Google launches its own USB-based FIDO U2F Keys

At Google Cloud Next '18 convention in San Francisco, the company has introduced Titan Security Keys—a tiny USB device, similar to Yubico's YubiKey, that offers hardware-based two-factor authentication for your online accounts with the highest level of protection against phishing attacks. These...

Exploits0
BDU FSTEC
BDU FSTEC
added 2015/10/21 12:0 a.m.5 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Secure Element Evaluation Kit plugin for the Android operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to enhance their privileges through a specially crafted...

9.3CVSS5.5AI score0.00773EPSS
Exploits1References2
NVD
NVD
added 2015/10/06 5:59 p.m.23 views

CVE-2015-6606

The Secure Element Evaluation Kit aka SEEK or SmartCard API plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786...

9.3CVSS6.5AI score0.00773EPSS
Exploits1References1
Prion
Prion
added 2015/10/06 5:59 p.m.20 views

Code injection

The Secure Element Evaluation Kit aka SEEK or SmartCard API plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786...

9.3CVSS7.1AI score0.00773EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2015/10/06 5:59 p.m.25 views

CVE-2015-6606

The Secure Element Evaluation Kit aka SEEK or SmartCard API plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786...

9.3CVSS5.9AI score0.00773EPSS
Exploits1References2
Cvelist
Cvelist
added 2015/10/06 5:0 p.m.23 views

CVE-2015-6606

The Secure Element Evaluation Kit aka SEEK or SmartCard API plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786...

6.5AI score0.00773EPSS
Exploits1References1
CVE
CVE
added 2015/10/06 5:0 p.m.49 views

CVE-2015-6606

CVE-2015-6606 affects the Secure Element Evaluation Kit (SEEK/SmartCard API) plugin in Android up to 5.1.1 LMY48T. The flaw allows a crafted application to gain elevated privileges (Signature or SignatureOrSystem) due to a code-injection flaw in SEEK, enabling privilege escalation. Affected: SEEK...

9.3CVSS6.8AI score0.00773EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder