EUVD-2007-2018

Malware in sbrugna...

EUVD-2021-33069

Malicious code in bioql PyPI...

Ford says it’s safe to drive its cars with a WiFi vulnerability

Ford has released information about a buffer overflow vulnerability in its SYNC 3 infotainment system. Ford learned from a supplier that a security researcher had discovered a vulnerability in the Wi-Fi software driver supplied for use in the SYNC 3 infotainment system available on some Ford and...

CVE-2022-45440

A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17ABPC.3C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a...

CVE-2022-45440

The CVE-2022-45440 issue affects Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, where the FTP server processes symbolic links on external storage. A local attacker with administrator privileges can abuse this to access the device’s root filesystem by creating a symbolic link on a USB/external...

Lepin EP-KP001 KP001_V19 Authentication Bypass Vulnerability

When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker to bypass the password-based user authentication. Product: EP-KP001 Manufacturer: Lepin Affected Versions: KP001V19 Tested Versions: KP001V19 Vulnerability...

Lepin EP-KP001 KP001_V19 Authentication Bypass

Advisory ID: SYSS-2022-024 Product: EP-KP001 Manufacturer: Lepin Affected Versions: KP001V19 Tested Versions: KP001V19 Vulnerability Type: Violation of Secure Design Principles CWE-657 Risk Level: High Solution Status: Open Manufacturer Notification: 2022-04-12 Solution Date: - Public Disclosure:...

Design/Logic Flaw

An access control issue in the authentication module of LexarF35 v1.0.34 allows attackers to access sensitive data and cause a Denial of Service DoS. An attacker without access to securely protected data on a secure USB flash drive can bypass user authentication without having any information...

CVE-2021-46390

CVE-2021-46390 – Lexar_F35 v1.0.34 exhibits an access-control flaw in the authentication module of a Lexar USB flash drive. The vulnerability allows a local attacker with physical access to bypass password authentication by analyzing and manipulating the returned password verification/comparison ...

Lexar_F35 授权问题漏洞

LexarF35 is a USB flash drive from Lexar Corporation. A security vulnerability exists in LexarF35 version 1.0.34, which originates from an access control issue in the authentication module. The vulnerability can be exploited by an attacker to access sensitive data and cause a denial of service Do...

PlayStation: size_t-to-int vulnerability in exFAT leads to memory corruption via malformed USB flash drives

Summary A heap-based buffer overflow can be triggered by a malformed exFAT USB flash drive. Vulnerability The vulnerability is in Sony's exFAT implementation where there is an integer truncation from 64bit to 32bit on a size variable that is used to allocate the up-case table: c int...

IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index

Question What Technotes exist for the IBM Security Network Protection / IBM QRadar Network Security XGS sensor? Answer The content below includes a list of all technical notes published under IBM Security Network Protection / IBM QRadar Network Security by category and sorted by popularity. Users...

Cisco Secure Web Appliance Elevation of Privilege Vulnerability

Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. Cisco AsyncOS for the Cisco Secure Web Appliance suffers from an operating system command injection vulnerability that stems from insufficient validation of user-supplied web interface and CLI input. The vulnerability can be...

Cisco AnyConnect SBL 4.3.04027 Local Privilege Escalation (CVE-2017-3813)

Run CMD.EXE with system privileges 1. Start Cisco anyconnect from logon screen. 2. Once the Cisco app comes up where you can select a profile and hit connect hold CTRL and hit B. 3. When the Cisco about window appears then select the URL at the bottom. This will open Internet Explorer or you can...

Cisco AnyConnect SBL 4.3.04027 Local Privilege Escalation

Exploit Title: Cisco AnyConnect Start Before Logon SBL local privilege escalation. CVE-2017-3813 Date: 02/27/2017 Exploit Author: @Pcchillin Software Link: http://www.cisco.com/c/en/us/support/security/anyconnect-secure-mobility-client/tsd-products-support-series-home.html Version: 4.3.04027 and...

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation Exploit Title: Cisco AnyConnect Start Before Logon SBL local privilege escalation. CVE-2017-3813 Date: 02/27/2017 Exploit Author: @Pcchillin Software Link:...

Anonymous Offline Communications System: PirateBox

Anonymous Offline Communications System PirateBox creates offline wireless networks designed for anonymous file sharing, chatting, message boarding, and media streaming. You can think of it as your very own portable offline Internet in a box! When users join the PirateBox wireless network and ope...

NetworkMiner 2.0 - Network Forensic Analysis Tool (NFAT)

NetworkMiner is a Network Forensic Analysis Tool NFAT for Windows but also works in Linux / Mac OS X / FreeBSD. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the...

Windows Shell LNK file CONTROL item command execution

Added: 07/22/2010 CVE: CVE-2010-2568 BID: 41732 OSVDB: 66387 Background Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users such as the Desktop or Start menu, from which they can be...

Windows Shell LNK file CONTROL item command execution

Added: 07/22/2010 CVE: CVE-2010-2568 BID: 41732 OSVDB: 66387 Background Microsoft Windows supports LNK files, also known as shortcuts, which are references to other files. Shortcuts can be placed in a location which is convenient for users such as the Desktop or Start menu, from which they can be...