242 matches found
Digoo DG-HAMB Smart Home Security System 安全漏洞
The Digoo DG-HAMB Smart Home Security System is a suite of smart home security alarm systems from Digoo. A security vulnerability exists in the Digoo DG-HAMB Smart Home Security System v1.0 firmware version, which stems from a vulnerability that allows an attacker to gain full access, where the...
PT-2023-23455 · Digoo · Digoo Dg-Hamb Smart Home Security System
Name of the Vulnerable Software and Affected Versions: Digoo DG-HAMB Smart Home Security System version 1.0 Description: The issue is related to weak security in the transmitter, allowing attackers to gain full access to the system via a code replay attack. Recommendations: For Digoo DG-HAMB Smar...
CVE-2023-31762
Summary: CVE-2023-31762 concerns the Digoo DG-HAMB Smart Home Security System (v1.0) and its transmitter. The core issue is a weak security design in the transmitter that enables a code replay attack, which could let an attacker gain full system access. The affected component is the transmitter; ...
Security Bulletin: Security bypass vulnerability in SAN Volume Controller and Storwize Family (CVE-2014-0094)
Summary Apache Struts ParametersInterceptor security bypass Vulnerability Details CVEID: CVE-2014-0094 DESCRIPTION: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in ParametersInterceptor. An attacker could exploit this vulnerability using the clas...
Security Bulletin: Vulnerability in Apache Struts affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-5638)
Summary A vulnerability in the Apache Struts component affects the Service Assistant GUI of SAN Volume Controller, Storwize family and FlashSystem V9000 products allowing arbitrary code execution. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2017-5638 DESCRIPTION:...
The vulnerability of the connected module “Kaspersky Security System” of the Eltex network interface “ESR-200” allows a intruder to cause a service failure.
The vulnerability of the connected module “Kaspersky Security System” of the Ethernet switch software “Eltex ESR-200” is related to the improper creation of connections. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
Paradox Security Systems IPR512 代码注入漏洞
Paradox Security Systems IPR512 is a communication module from Paradox USA that provides monitoring and management of Paradox devices over the network. A security vulnerability exists in Paradox Security Systems IPR512 version that originates from allowing an attacker to cause a denial of service...
TikTok car theft challenge: Hyundai, Kia fix flaw
Car manufacturer Hyundai, and its subsidiary Kia, began rolling out a free software update on February 14, 2023, to address a flaw in their anti-theft software, which was highlighted in a social media challenge. The release of the update came nine months after an uptick in car theft of the affect...
Trend Micro Deep Security 后置链接漏洞
Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor announcement...
PT-2022-6460 · Eltex +1 · Eltex Esp-200 +1
Name of the Vulnerable Software and Affected Versions: Eltex ESR-200 affected versions not specified Description: The issue is related to an error in connection establishment in the "Kaspersky Security System" plug-in module of the Eltex ESR-200 firewall's firmware. This could allow a remote...
Security Bulletin: Vulnerabilities in SSL and TLS protocols affects SAN Volume Controller and Storwize Family (CVE-2011-3389)
Summary SSL and TLS vulnerabilities were disclosed in September 2011. This vulnerability has been referred to as the “BEAST” attack. SSL protocol is used by SAN Volume Controller and Storwize Family. Vulnerability Details CVE-ID : CVE-2011-3389 DESCRIPTION : Multiple products could allow a remote...
Sql injection
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/visits/viewvisit.php:4...
Aruba ClearPass Policy Manager Cross-Site Scripting Vulnerability (CNVD-2022-55534)
Aruba ClearPass Policy Manager is an application of Aruba, Inc. that provides a secure access management system for wireless networks. cross-site scripting is present in Aruba ClearPass Policy Manager versions 6.10.4 and earlier, 6.9.9 and earlier, and 6.8.9-HF2 and earlier. vulnerability. An...
new packages: nano
An update is available for nano. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
new packages: python-lxml
An update is available for python-lxml. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
Exploit for Improper Initialization in Linux Linux_Kernel
DirtyPipe-CVE-2022-0847 This repository is d...
Interlogix Hills ComNav 安全漏洞
Interlogix Hills ComNav is a remote access integration module for the Hills Reliance Security Alert System from Interlogix Australia. A security vulnerability exists in Interlogix Hills ComNav that allows a local attacker to brute-force break credentials...
“Ethical Hacker” Stole Half a Million in Crypto Form Elderly Person
By Waqas The victim had hired the "ethical hacker" Aaron Daniel Motta to install a security system in their residence.… This is a post from HackRead.com Read the original post: "Ethical Hacker" Stole Half a Million in Crypto Form Elderly Person...
Security Bulletin: IBM Security Network Intrusion Prevention System is affected by krb5 vulnerabilities (CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423)
Summary Security vulnerabilities have been discovered in krb5 used with IBM Security Intrusion Prevention System. Vulnerability Details CVEID:CVE-2014-5352 DESCRIPTION: MIT krb5 could allow a remote authenticated attacker to execute arbitrary code on the system,, caused by a double-free error in...
Security Bulletin: NTP vulnerability in Network Intrusion Prevention System (CVE-2013-5211)
Summary Security vulnerabilities have been discovered in the NTP component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2013-5211 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in the monlist feature in ntprequest.c. By sending a...