CVE-2021-27408

The affected product is vulnerable to an out-of-bounds read, which can cause information leakage leading to arbitrary code execution if chained to the out-of-bounds write vulnerability on the Welch Allyn medical device management tools Welch Allyn Service Tool: versions prior to v1.10, Welch Ally...

CVE-2023-53958

LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account...

EUVD-2019-3556

Malware in sbrugna...

CVE-2024-50593

An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software...

CVE-2024-50593

CVE-2024-50593 affects the Elefant Service tool; a local attacker can access restricted functions via a hard-coded "Hotline" password embedded in the Elefant service binary, which is shipped with the software. Affected component is the Elefant Service binary used by HASOMED Elefant. The root caus...

PT-2024-34348 · Unknown · Elefant Service Tool

Name of the Vulnerable Software and Affected Versions: Elefant Service tool affected versions not specified Description: An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded Hotline password in the Elefant...

Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies

Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast. "What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not be...

Hitachi Energy Relion 670, 650 and SAM600-IO Series

1. EXECUTIVE SUMMARY CVSS v3 4.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670, 650, and SAM600-IO Series Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could cause...

CVE-2021-27408

The affected product is vulnerable to an out-of-bounds read, which can cause information leakage leading to arbitrary code execution if chained to the out-of-bounds write vulnerability on the Welch Allyn medical device management tools Welch Allyn Service Tool: versions prior to v1.10, Welch Ally...

Mmemed Welch Allyn Connex 缓冲区错误漏洞

The Mmemed Welch Allyn Connex is an industrial control device from the Spanish company Mmemed. An advanced touch screen monitor. A buffer error vulnerability exists in Hillrom Welch Allyn, which arises from out-of-bounds reads and writes, and successful exploitation of this vulnerability could...

shadowbroker

This repository, Zam-0703/shadowbroker, contains a collection of exploits and tools for various vulnerabilities. The repository was created by the Shadow Brokers, a group known for releasing stolen NSA hacking tools. The repository includes exploits for several vulnerabilities, including:...

CVE-2019-11898

Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition APE 3.8...

CVE-2019-11898

The CVE-2019-11898 entry concerns Bosch Access Professional Edition (APE) service tools. Affected component: APE service tools used with Bosch APE; root cause: unauthorized admin privileges achieved by reverse engineering one of the APE service tools. Impact: attacker could gain administrative pr...

Siemens SIMATIC Prosave Detection (Windows SMB Login)

SMB login-based detection of Siemens SIMATIC Prosave. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Local Elevation of Privilege Vulnerability in Multiple EMC Unity Products

The Dell EMC Unity Operating Environment OE is a set of operating environments used in EMC Unity storage systems from Dell Inc. in the U.S. UnityVSA is another version of it. A security vulnerability exists in Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and Dell EMC UnityVSA OE versions 4.3.0....

mstream DDoS Agent Detection

The remote host appears to be running a mstream agent, which is a trojan that can be used to control your system or make it attack another network this is actually called a distributed denial of service attack tool It is very likely that this host has been compromised %NASLMINLEVEL 70300 C Tenabl...