EUVD-2019-4862

Malware in sbrugna...

EUVD-2014-2424

Malware in sbrugna...

EUVD-2023-59147

Malicious code in bioql PyPI...

EUVD-2021-9631

Malicious code in bioql PyPI...

CVE-2024-23726

Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...

CVE-2020-36245

GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network...

CVE-2020-11926

An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Clients can authenticate themselves to the device using a username and password. These credentials can be obtained through an unauthenticated web request, e.g., for a JavaScript file. Also, the disclosed information...

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices up to 3.9.3.2_c1.9.51 are affected by a blind OS command injection via shell metacharacters in the Ping/Speed Test utilities. A window during initial setup creates an open unsecured network with default admin/admin credentials, allowing a nearby attacker...

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

[SECURITY] Fedora 40 Update: iwd-2.21-1.fc40

The daemon and utilities for controlling and configuring the Wi-Fi network hardware...

CVE-2024-41689 Hard-coded Credentials Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...

CVE-2024-36472

In GNOME Shell through 45.7, a portal helper can be launched automatically without user confirmation based on network responses provided by an adversary e.g., an adversary who controls the local Wi-Fi network, and subsequently loads untrusted JavaScript code, which may lead to resource consumptio...

Fedora 40 : iwd (2024-3fa713f2e0)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3fa713f2e0 advisory. iwd 2.16: Fix issue with uninitialized variable and DPP encrypt. Fix issue with Access Point mode and ATTRMAC validation. Fix issue with Access Poin...

Fedora 40 : iwd / libell (2024-58c59bfa4c)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-58c59bfa4c advisory. iwd 2.15: Fix issue with notice events for connection timeouts. Fix issue with reason code and deauthenticate event. Fix issue with handling basename...

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi- Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi- Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

CVE-2023-6951

CVE-2023-6951 concerns a Use of Weak Credentials affecting DJI drone Wi‑Fi networks (Mavic 3 Pro <= v01.01.0300, Mavic 3 <= v01.00.1200, Mavic 3 Classic <= v01.00.0500, Mavic 3 Enterprise <= v07.01.10.03, Matrice 300 <= v57.00.01.00, Matrice M30 <= v07.01.0022, Mini 3 Pro

Fedora: Security Advisory (FEDORA-2024-3fa713f2e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: iwd-2.15-1.fc39

The daemon and utilities for controlling and configuring the Wi-Fi network hardware...