Overview Acronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description...
Read MoreOverview The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer,...
Read MoreOverview Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote attacker to execute...
Read MoreOverview Devices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to key overwrite, which enables an attacker to to gain additional access to profiles or services...
Read MoreOverview NCR SelfServ automated teller machines (ATMs) running APTRA XFS 05.01.00 or older are vulnerable to physical attacks on the communications bus between the currency dispenser component and the host computer. Description...
Read MoreOverview NCR SelfServ automated teller machines (ATMs) running APTRA XFS 05.01.00 or older are vulnerable to physical attacks on the communications bus between the currency dispenser component and the host computer. Description...
Read MoreOverview Diebold Nixdorf 2100xe USB automated teller machines (ATMs) are vulnerable to physical attacks on the communication channel between the cash and check deposit module (CCDM) and the host computer. An attacker with...
Read MoreOverview NCR SelfServ automated teller machines (ATMs) running APTRA XFS 04.02.01 and 05.01.00 are vulnerable to physical attacks on the communications bus between the host computer and the bunch note accepter (BNA). Description...
Read MoreOverview The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled. Description GRUB2 is a multiboot boot loader that replaced...
Read MoreOverview F5 BIG-IP provides a Traffic Management User Interface (TMUI), also referred to as the Configuration utility, that has multiple vulnerabilities including a remotely exploitable command injection vulnerability that can...
Read MoreOverview Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges. Description Many...
Read MoreOverview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF who calls them Ripple20. Description Treck IP network stack...
Read More