Net-Worm.Win32.Kibuv.c / Authentication Bypass
Posted by malvuln on Apr 27 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/4243911d5ca5655d04de8895704fcae6.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow
Posted by malvuln on Apr 27 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/94d1b2510bf96fa6190cd65876bf4c38.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Trojan-Banker.Win32.Banker.heq / Insecure Permissions
Posted by malvuln on Apr 27 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/f15d05f74899324ecb61ee29ad162fad.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
SEC Consult SA-20220427-0 :: Privilege Escalation in Miele Benchmark Programming Tool
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Apr 27 SEC Consult Vulnerability Lab Security Advisory < 20220427-0 > ======================================================================= title: Privilege Escalation...
Trovent Security Advisory 2108-02 / Zepp: User account enumeration in password reset function
Posted by Stefan Pietsch on Apr 27 # Trovent Security Advisory 2108-02 # ##################################### User account enumeration in password reset function ################################################### Overview ######## Advisory...
CVE-2021-34591
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat,...
CVE-2021-34590
In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are...
CVE-2021-34589
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication...
CVE-2021-34588
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set...
CVE-2021-34587
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to...