EUVD-2019-10554

Malware in sbrugna...

EUVD-2017-4264

Malware in sbrugna...

CVE-2024-20354

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point AP Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping...

Canon DSLR Cameras Can Be Hacked With Ransomware Remotely

The threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to...

Memory corruption

Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device coul...

CVE-2017-11580

Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device coul...

CVE-2019-1997

In randomgetbytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation...

Information disclosure

In randomgetbytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2019-1997

In randomgetbytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2019-1997

CVE-2019-1997 affects Android’s random.c: In random_get_bytes, an insecure default value degrades randomness, enabling local information disclosure over an insecure wireless connection with no user interaction. Affected Android versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9. Exploitation context: netwo...

CVE-2019-1997

In randomgetbytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2017-12725

A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump with default network configuration uses hard-coded credentials to automatically establish a wireless network connection. The pump will establis...

NETGEAR R7000 - Cross-Site Scripting

NETGEAR R7000 - Cross-Site Scripting Exploit Title: Netgear R7000 - XSS via. DHCP hostname Date: 11-12-2016 Exploit Author: Vincent Yiu Contact: https://twitter.com/vysecurity Vendor Homepage: https://www.netgear.com/ Category: Hardware / WebApp Version: V1.0.7.21.1.93 + LATEST to date...

Netgear R7000 - Cross-Site Scripting

Exploit Title: Netgear R7000 - XSS via. DHCP hostname Date: 11-12-2016 Exploit Author: Vincent Yiu Contact: https://twitter.com/vysecurity Vendor Homepage: https://www.netgear.com/ Category: Hardware / WebApp Version: V1.0.7.21.1.93 + LATEST to date -Vulnerability An user who has access to send...

Netgear R7000 - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Netgear R7000 - XSS via. DHCP hostname Date: 11-12-2016 Exploit Author: Vincent Yiu Contact: https://twitter.com/vysecurity Vendor Homepage: https://www.netgear.com/ Category: Hardware / WebApp Version: V1.0.7.21.1.93 +...

WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

(0Day) (Mobile Pwn2Own) Samsung SBeam Image Remote Information Disclosure Vulnerability

This vulnerability allows remote attackers to copy images from vulnerable installations of Samsung SBeam. User interaction is required to exploit this vulnerability in that the target must be within range of a hostile NFC transmitter. The specific flaw exists within the handling of the SBeam...

Air Transfer Iphone 1.3.9 Arbitrary File Download

Exploit Title: Air Transfer Iphone v1.3.9 -Remote crash, Broken Authentication file download and Memo Access. Date: 08/23/2014 Author: Samandeep Singh SaMaN - @samanL33T Vendor Homepage:http://www.darinsoft.co.kr/subhtmls/airtransferguide.html...

Updated hplip package fixes security vulnerabilities

It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. CVE-2013-6402 It was discovered that HPLIP contained an upgrade tool that would download code in an unsafe fashion. If a remote attacker...

MGASA-2014-0033 Updated hplip package fixes security vulnerabilities

It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. CVE-2013-6402 It was discovered that HPLIP contained an upgrade tool that would download code in an unsafe fashion. If a remote attacker...