An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states...
7.5CVSS
5.6AI Score
0.001EPSS
TotalCloud Insights: Securing Your Data—The Power of Encryption in Preventing Threats
Introduction Did you know there is a 90% failure rate for encryption-related controls of MySQL Server in Microsoft Azure? The issue isn't confined to Azure; in Google Cloud Platform (GCP) environments there is a 98% failure rate of encryption-related controls for both compute engine and storage...
7.2AI Score
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary...
6.2CVSS
7.2AI Score
0.0004EPSS
Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary...
6.2CVSS
7.2AI Score
0.0004EPSS
Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data...
4.6CVSS
6.8AI Score
0.0004EPSS
Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper...
5.1CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged...
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged...
6.2CVSS
6.8AI Score
0.0004EPSS
Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds...
4CVSS
6.9AI Score
0.0004EPSS
Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite...
6.4CVSS
7.3AI Score
0.0004EPSS
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code...
6.4CVSS
7.5AI Score
0.0004EPSS
Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary...
4CVSS
7AI Score
0.0004EPSS
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory...
6.1CVSS
6.8AI Score
0.0004EPSS
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.6AI Score
0.0004EPSS
Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.6AI Score
0.0004EPSS
Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds...
4.2CVSS
6.8AI Score
0.0004EPSS
Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged...
7.9CVSS
6.8AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states...
5.9CVSS
5.6AI Score
0.001EPSS
Employee And Visitor Gate Pass Logging System 1.0 SQL Injection Vulnerability
Employee and Visitor Gate Pass Logging System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication...
8.7AI Score
(RHSA-2024:3576) Low: Red Hat build of Keycloak 24.0.5 Images enhancement and security update
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also...
6.6AI Score
0.0005EPSS
(RHSA-2024:3575) Low: Red Hat build of Keycloak 24.0.5 enhancement and security update
Red Hat build of Keycloak 24.0.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security Fix(es): * exposure of sensitive information in Pushed Authorization Requests (PAR)...
6.2AI Score
0.0004EPSS
(RHSA-2024:3574) Low: Red Hat build of Keycloak 22.0.11 enhancement and security update
Red Hat build of Keycloak 22.0.11 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat build of Keycloak 22.0.11 serves as a replacement for Red Hat Single...
6.2AI Score
0.0004EPSS
(RHSA-2024:3573) Low: Red Hat build of Keycloak 22.0.11 Images enhancement and security update
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also...
6.7AI Score
0.001EPSS
(RHSA-2024:3572) Low: Red Hat Single Sign-On 7.6.9 security update
<< AUTOMATICALLY GENERATED, EDIT PLEASE >> Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 serves ...
6.3AI Score
0.0004EPSS
(RHSA-2024:3570) Low: Red Hat Single Sign-On 7.6.9 for OpenShift image enhancement update
Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage...
8.2AI Score
0.05EPSS
(RHSA-2024:3568) Low: Red Hat Single Sign-On 7.6.9 security update on RHEL 9
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 on RHEL 9 serves as a replacement for Red Hat Single Sign-On.....
6.3AI Score
0.0004EPSS
(RHSA-2024:3567) Low: Red Hat Single Sign-On 7.6.9 security update on RHEL 8
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 on RHEL 8 serves as a replacement for Red Hat Single Sign-On.....
6.3AI Score
0.0004EPSS
(RHSA-2024:3566) Low: Red Hat Single Sign-On 7.6.9 security update on RHEL 7
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.9 on RHEL 7 serves as a replacement for Red Hat Single Sign-On.....
6.3AI Score
0.0004EPSS
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated...
7.4AI Score
EPSS
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated...
6.8AI Score
EPSS
PCI DSS 4.0: Get Audit-Ready for the New Requirements
The Payment Card Industry Data Security Standard (PCI DSS) originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or...
7.6AI Score
Summary Vulnerabilities contained within OpenSSL (a 3rd party component) were addressed in the IBM MaaS360 VPN Module. Vulnerabilities contained within Netty, Spring Framework and Eclipse Jetty (3rd party components) were addressed in the IBM MaaS360 Mobile Enterprise Gateway (MEG) Module. ...
8.1CVSS
7.3AI Score
0.002EPSS
WhatsApp cryptocurrency scam goes for the cash prize
This weekend a scammer tried his luck by reaching out to me on WhatsApp. It’s not that I don’t appreciate it, but trust me, it’s bad for your business. I received one message from a number hailing from the Togolese Republic. WhatsApp message from an unknow sender “Jay, your financial account has...
7.3AI Score
CVE-2024-24919-PoC ![Screenshot of the exploit...
8.6CVSS
8.8AI Score
0.945EPSS
CVE-2024-24919-Exploit Overview This repository contains...
8.6CVSS
6.1AI Score
0.945EPSS
Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On...
8.6CVSS
6.3AI Score
0.945EPSS
Technology was once simply a tool--and a small one at that--used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got. We...
6.9AI Score
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU...
8.4CVSS
7.3AI Score
0.001EPSS
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management...
7.5CVSS
6.9AI Score
0.0005EPSS
transient DOS when setting up a fence callback to free a KGSL memory entry object during...
6.2CVSS
7.2AI Score
0.0004EPSS
8.2CVSS
7.1AI Score
0.001EPSS
9.3CVSS
6.8AI Score
0.001EPSS
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode...
9.1CVSS
7AI Score
0.001EPSS
Memory corruption when IPC callback handle is used after it has been released during register callback by another...
6.7CVSS
7.5AI Score
0.0004EPSS
Memory corruption while copying a keyblobs material when the key materials size is not accurately...
7.8CVSS
7.1AI Score
0.0004EPSS
Memory corruption when more scan frequency list or channels are sent from the user...
6.7CVSS
7.5AI Score
0.0004EPSS
Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph...
6.7CVSS
7.3AI Score
0.0004EPSS
9.3CVSS
7AI Score
0.001EPSS
6.5CVSS
7.1AI Score
0.0005EPSS
IT threat evolution in Q1 2024. Mobile statistics
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Quarterly figures According to Kaspersky Security Network, in Q1 2024: 10.1 million attacks using malware, adware, or unwanted mobile software were blocked. The most...
7.9AI Score