Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of V
Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installatio
Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installa
Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected install
Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installati
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected in
A command injection in the networking service of the MIB3 infotainment allows an attacker already presenting in the system to escalate privileges and obtain administrative access to the system.
The vu
The MIB3 infotainment unit used in Skoda and Volkswagen vehicles does not incorporate any privilege separation for the proprietary inter-process communication mechanism, leaving attackers with presenc
An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system.
The vulnera
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. Th
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduc
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconn
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.
Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking.
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface
An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attacker with physical access to the vehicle can bypass
Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Wyze Cam
An Insecure Direct Object Reference (IDOR) vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of other users’ vehicles. Exploiting this issue enable
A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading
A vulnerability was found in aaluoxiang oa_system up to c3a08168c144f27256a90838492c713f55f1b207 and classified as critical. This issue affects the function outAddress of the component External Addres
Page 1+ Next →