Stay connected

Trending News

Category: Vulnerabilities

News, Vulnerabilities

WECON PI Studio 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WECON Technology Co., Ltd. (WECON) Equipment: PI Studio Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Information Exposure Through XML External Entity Reference, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code…

News, Vulnerabilities

Delta Electronics ISPSoft 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Delta Electronics Equipment: ISPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the context of the application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS…

News, Vulnerabilities

GE Communicator 

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Communicator Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Communicator, an…

News, Vulnerabilities

Entes EMG 12 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Entes Equipment: EMG 12 Vulnerabilities: Improper Authentication, Information Exposure Through Query Strings in GET Request 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow attackers to gain unauthorized access and could allow the ability…

News, Vulnerabilities

WECON LeviStudioU 

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WECON Technology Co., Ltd Equipment: LeviStudioU ——— Begin Update A Part 1 of 3 ——— Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-Bounds Write, Improper Restriction of XML External Entity Reference ——— End Update A…

News, Vulnerabilities

Philips iSite/IntelliSpace PACS Vulnerabilities 

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code Vulnerabilities, Information Exposure, Code Injection, Weaknesses in OWASP Top Ten, and Improper…

News, Vulnerabilities

Telegram CVE-2018-17780 flaw causes the leak of IP addresses when initiating calls 

CVE-2018-17780 – Security researcher Dhiraj Mishra discovered that Telegram default configuration would expose a user’s IP address when making a call. Strangely tdesktop 1.3.14 and Telegram for windows (3.3.0.0 WP8.1) leaks end-user private and public IP address while making calls. Telegram is supposedly a secure messaging application, but it forces…