TR-23-0318 (Dell Güvenlik Bildirimi)
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: USOM
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: USOM
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: USOM
Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with device capabilities and identifiers, some of which may contain identifying information about the device owner. This…
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticated as an administrator can decrypt system files using the hard-coded keys for file access, modification, and cause service disruption. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
SGUDA U-Lock central lock control service’s lock management function has incorrect authorization. A remote attacker with general privilege can exploit this vulnerability to call privileged APIs to acquire information, manipulate or disrupt the functionality of arbitrary electronic locks. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
SGUDA U-Lock central lock control service’s user management function has incorrect authorization. A remote attacker with general user privilege can exploit this vulnerability to call privileged APIs to access, modify and delete user information. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote attacker authenticated as an administrator, can use the management page to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: USOM
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: USOM
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via service titles in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected…
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to obtain a hard-coded password and access to the module via FTP. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP…