Month: April 2022

Posted by malvuln on Apr 27 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/f15d05f74899324ecb61ee29ad162fad.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Apr 27 SEC Consult Vulnerability Lab Security Advisory < 20220427-0 > ======================================================================= title: Privilege Escalation...

Posted by Stefan Pietsch on Apr 27 # Trovent Security Advisory 2108-02 # ##################################### User account enumeration in password reset function ################################################### Overview ######## Advisory...

In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat,...

In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are...

In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication...

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set...

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to...

IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user's dashboard providing the dashboard ID of...