Pioneer DMH-WT7600NEX 数据伪造问题漏洞

The Pioneer DMH-WT7600NEX is a multimedia digital media receiver from Pioneer. The Pioneer DMH-WT7600NEX suffers from a Data Forgery Issue vulnerability that stems from insufficient validation of software updates and could lead to the execution of arbitrary code...

SONY XAV-AX5500 Code Execution Vulnerability

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. A code execution vulnerability exists in the SONY XAV-AX5500 that stems from a lack of proper validation of software update packages and can be exploited by an attacker to...

CVE-2020-10126

CVE-2020-10126 concerns NCR SelfServ ATMs running APTRA XFS 05.01.00 . The issue is that the update process during boot does not validate the signature of CAB archives on removable media, causing arbitrary code execution with SYSTEM privileges when updating the BNA (bunch note acceptor). An attac...

CVE-2018-9084

CVE-2018-9084 affects Lenovo System Management Module (SMM) firmware prior to 1.06. If an attacker logs into the device OS, the validation of software updates can be circumvented. The Lenovo advisory LEN-24374 recommends upgrading SMM firmware to the stated level for your model and applying stand...