Published Vulnerabilities

Mon
02
Mar
Editorial_Staff_Team's picture

Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

Apple iOS 8.0 - 8.0.2 - Controls Re Auth Bypass Vulnerability

Due to the last years we learned fast that glitches can result in a security problem for embed device systems. At  the beginning of the year a german core team researcher revealed information on how to permanently evade the controls to bypass with an app the pass code. The researcher used a combination of glitches and design errors in the phone ui of iOS to successful exploit the local issue. The issue has a minor severity then for example the emergency call issue of 2013 because a physical device by account access is required. (cvss 5.2)

A local pass code (code lock) bypass and glitch has been discovered in the Apple iOS v8.0 (12A365) mobile device system. The vulnerability allows to bypass or evade via glitch the regular pass code restriction of the embed iOS device system.

Thu
12
Feb
Editorial_Staff_Team's picture

Pandora FMS v5.1 SP1 starts to fix SQL Injection Vulnerability

Pandora FMS v5.1 SP1 starts to fix SQL Injection Vulnerability

The vulnerability laboratory research team discovered during the week a sql injection vulnerability in the pandora fms v5.1 sp1 monitoring web-application. The severity of the vulnerability is high. Pandora FMS is a monitoring web-application by artica.

The vulnerability is located in the offset value of the index list context module. Remote attackers and low privileged application user accounts are able to execute own sql commands via GET method request. The attacker can prepare a request through the `agentes` module to inject own sql commands on the affected web-application dbms.

Pages

Subscribe to RSS - Published Vulnerabilities