Snapdragon Mobile, Small Cell SoC Security Vulnerabilities
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...
5.3CVSS
5.2AI Score
0.0005EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...
7.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay...
5.3CVSS
4.3AI Score
0.0005EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format...
5.3CVSS
4.2AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay...
5.3CVSS
4.1AI Score
0.0005EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...
5.3CVSS
5.2AI Score
0.0005EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format...
5.3CVSS
4.2AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...
7.5CVSS
7.4AI Score
0.001EPSS
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...
8.2CVSS
8.3AI Score
0.001EPSS
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...
8.2CVSS
8.3AI Score
0.001EPSS
Say hello to the fifth generation of Malwarebytes
Announcing the latest version of Malwarebytes, which brings a faster, responsive, and consistent user interface, integrated security and privacy, and expert guidance to keep you secure. Here's what you can expect: 1. Unified user experience across platforms The new generation of Malwarebytes now...
7.3AI Score
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. "The overall goal behind the campaign was to maintain access to the target network for cyberespionage in.....
7AI Score
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before...
7.5CVSS
7.4AI Score
0.001EPSS
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before...
7.5CVSS
5.4AI Score
0.001EPSS
CVE-2024-1272 Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before...
5.3CVSS
5.4AI Score
0.001EPSS
CVE-2024-1272 Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before...
5.3CVSS
7.1AI Score
0.001EPSS
Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs
Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows...
7.3AI Score
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js Vulnerability Details ** CVEID: CVE-2024-27982 DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling, caused by the use of content length obfuscation in the http server. By sending specially...
8.2CVSS
6.5AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...
5.3CVSS
5.2AI Score
0.0005EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format...
3.7CVSS
4.2AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...
6.3AI Score
0.001EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified....
5.9CVSS
5.6AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format...
3.7CVSS
4.2AI Score
0.0004EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay...
3.7CVSS
4.1AI Score
0.0005EPSS
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay...
3.7CVSS
4.7AI Score
0.0005EPSS
US residents targeted by utility scammers on Google
Back in February, we reported on malicious ads related to utility bills (electricity, gas) that direct victims to call centers where scammers will collect their identity and try to extort money from them. A few months later, we checked and were able to find as many Google ads as before, following.....
7.2AI Score
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states...
7.5CVSS
6.2AI Score
0.001EPSS
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states...
7.5CVSS
5.6AI Score
0.001EPSS
The four stages of creating a trust fabric with identity and network security
How implementing a trust fabric strengthens identity and network Read the blog At Microsoft, we’re continually evolving our solutions for protecting identities and access to meet the ever-changing security demands our customers face. In a recent post, we introduced the concept of the trust...
7.5AI Score
TotalCloud Insights: Securing Your Data—The Power of Encryption in Preventing Threats
Introduction Did you know there is a 90% failure rate for encryption-related controls of MySQL Server in Microsoft Azure? The issue isn't confined to Azure; in Google Cloud Platform (GCP) environments there is a 98% failure rate of encryption-related controls for both compute engine and storage...
7.2AI Score
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a...
8.2CVSS
5.8AI Score
0.0004EPSS
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary...
6.2CVSS
7.2AI Score
0.0004EPSS
Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary...
6.2CVSS
7.2AI Score
0.0004EPSS
Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data...
4.6CVSS
6.8AI Score
0.0004EPSS
Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper...
5.1CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged...
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged...
6.2CVSS
6.8AI Score
0.0004EPSS
Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds...
4CVSS
6.9AI Score
0.0004EPSS
Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite...
6.4CVSS
7.3AI Score
0.0004EPSS
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code...
6.4CVSS
7.5AI Score
0.0004EPSS
Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary...
4CVSS
7AI Score
0.0004EPSS
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory...
6.1CVSS
6.8AI Score
0.0004EPSS
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.6AI Score
0.0004EPSS
Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.6AI Score
0.0004EPSS
Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds...
4.2CVSS
6.8AI Score
0.0004EPSS
Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged...
7.9CVSS
6.8AI Score
0.0004EPSS
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curve. The updates...
8.8CVSS
7.3AI Score
0.005EPSS
Employee And Visitor Gate Pass Logging System 1.0 SQL Injection Vulnerability
Employee and Visitor Gate Pass Logging System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication...
8.7AI Score
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states...
5.9CVSS
5.6AI Score
0.001EPSS
(RHSA-2024:3576) Low: Red Hat build of Keycloak 24.0.5 Images enhancement and security update
Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat build of Keycloak for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also...
6.6AI Score
0.0005EPSS