SEC Consult Vulnerability Lab Security Advisory < 20220609-0 >
===
title: Multiple vulnerabilities
product: SoftGuard SNMP Network Management Extension
vulnerable version: SoftGuard Web (SGW) < 5.1.5
SEC Consult Vulnerability Lab Security Advisory < 20220608-0 >
===
title: Stored Cross-Site Scripting & Unsafe Java Deserializiation
product: Gentics CMS
vulnerable version: 5.36.29, see section below
SEC Consult Vulnerability Lab Security Advisory < 20220607-0 >
===
title: Multiple Vulnerabilities
product: Infiray IRAY-A8Z3 thermal camera
vulnerable version: V1.0.957
fixed version: None
Dear Full Disclosure,
Find attached a security advisory that details multiple
vulnerabilities we discovered in the zysh shell distributed with some
Zyxel products, including their security appliances.
* Title: Multiple vulnerabilities in Zyxel zysh
* Products: Zyxel firewalls, AP controllers,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Advisory ID: SYSS-2022-021
Product: Mitel 6800/6900 Series SIP Phones excluding 6970
Mitel 6900 Series IP (MiNet) Phones
Manufacturer: Mitel Networks Corporation
Affected
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/e0f2bee25dd103d92e91e895e313ec34.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan-Banker.Win32.Banbra.cyt
Vulnerability: Insecure Permissions
Description: The
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/40acf109fa9621eae6930ef18f804909.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Cabrotor.10.d
Vulnerability: Unauthenticated Remote Command Execution
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/bffc519fbaf2d119bd307cd22368cdc7.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan-Proxy.Win32.Symbab.o
Vulnerability: Heap Corruption
Description: The malware
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/ef1e59148c9a902ae5454760aaab73fe.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Trojan-Banker.Win32.Banker.agzg
Vulnerability: Insecure Permissions
Description: The
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/dedad693898bba0e4964e6c9a749d380.txt
Contact: malvul...@gmail.com
Media: twitter.com/malvuln
Threat: Ransom.Haron
Vulnerability: Code Execution
Description: Haron looks for and executes
Advisory ID: SYSS-2022-024
Product: EP-KP001
Manufacturer: Lepin
Affected Version(s): KP001_V19
Tested Version(s): KP001_V19
Vulnerability Type:Violation of Secure Design Principles (CWE-657)
Risk Level:High
Advisory ID: SYSS-2022-017
Product: Fingerprint Secure Portable Hard Drive
Manufacturer: Verbatim
Affected Version(s): #53650
Tested Version(s): #53650
Vulnerability Type:Insufficient Verification of Data
Authenticity (CWE-345)
Advisory ID: SYSS-2022-016
Product: Fingerprint Secure Portable Hard Drive
Manufacturer: Verbatim
Affected Version(s): #53650
Tested Version(s): #53650
Vulnerability Type:Missing Immutable Root of Trust in Hardware
(CWE-1326)
Advisory ID: SYSS-2022-015
Product: Fingerprint Secure Portable Hard Drive
Manufacturer: Verbatim
Affected Version(s): #53650
Tested Version(s): #53650
Vulnerability Type:Use of a Cryptographic Primitive with a Risky
Advisory ID: SYSS-2022-014
Product: Fingerprint Secure Portable Hard Drive
Manufacturer: Verbatim
Affected Version(s): #53650
Tested Version(s): #53650
Vulnerability Type:Use of a Cryptographic Primitive with a Risky
Advisory ID: SYSS-2022-013
Product: Executive Fingerprint Secure SSD
Manufacturer: Verbatim
Affected Version(s): GDMSFE01-INI3637-C VER1.1
Tested Version(s): GDMSFE01-INI3637-C VER1.1
Vulnerability Type:Insufficient Verification
Advisory ID: SYSS-2022-011
Product: Executive Fingerprint Secure SSD
Manufacturer: Verbatim
Affected Version(s): GDMSFE01-INI3637-C VER1.1
Tested Version(s): GDMSFE01-INI3637-C VER1.1
Vulnerability Type:Missing Immutable Root of
Advisory ID: SYSS-2022-010
Product: Executive Fingerprint Secure SSD
Manufacturer: Verbatim
Affected Version(s): GDMSFE01-INI3637-C VER1.1
Tested Version(s): GDMSFE01-INI3637-C VER1.1
Vulnerability Type:Use of a Cryptographic
Advisory ID: SYSS-2022-009
Product: Executive Fingerprint Secure SSD
Manufacturer: Verbatim
Affected Version(s): GDMSFE01-INI3637-C VER1.1
Tested Version(s): GDMSFE01-INI3637-C VER1.1
Vulnerability Type:Use of a Cryptographic
Advisory ID: SYSS-2022-008
Product: Store 'n' Go Secure Portable HDD
Manufacturer: Verbatim
Affected Version(s): GD25LK01-3637-C VER4.0
Tested Version(s): GD25LK01-3637-C VER4.0
Vulnerability Type:Expected Behavior Violation
Advisory ID: SYSS-2022-007
Product: Store 'n' Go Secure Portable HDD
Manufacturer: Verbatim
Affected Version(s): GD25LK01-3637-C VER4.0
Tested Version(s): GD25LK01-3637-C VER4.0
Vulnerability Type:Missing Immutable Root of Trust
Advisory ID: SYSS-2022-006
Product: Store 'n' Go Secure Portable HDD
Manufacturer: Verbatim
Affected Version(s): GD25LK01-3637-C VER4.0
Tested Version(s): GD25LK01-3637-C VER4.0
Vulnerability Type:Use of a Cryptographic Primitive
Advisory ID: SYSS-2022-005
Product: Store 'n' Go Secure Portable HDD
Manufacturer: Verbatim
Affected Version(s): GD25LK01-3637-C VER4.0
Tested Version(s): GD25LK01-3637-C VER4.0
Vulnerability Type:Use of a Cryptographic Primitive
Advisory ID: SYSS-2022-004
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type:Expected Behavior Violation (CWE-440)
Advisory ID: SYSS-2022-003
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type:Missing Immutable Root of Trust in
Advisory ID: SYSS-2022-002
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type:Use of a Cryptographic Primitive with a
Advisory ID: SYSS-2022-001
Product: Keypad Secure USB 3.2 Gen 1 Drive
Manufacturer: Verbatim
Affected Version(s): Part Number #49428
Tested Version(s): Part Number #49428
Vulnerability Type:Use of a Cryptographic Primitive with a
27 matches
Mail list logo