8322 matches found
CVE-2019-13405 Advan VD-1 allows a remote user to enable Android Debug Bridge without any authentication
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...
CVE-2019-4448
IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpumdebug binaries are setuid root and have built-in options that allow a low-privileged user the ability to load arbitrary db2 libraries from a privileged context. This...
Smart TV Box fails to restrict access permissions
Overview Smart TV Box provided by KDDI CORPORATION enables access to Android Debug Bridge via port 5555/TCP of LAN side interface. When a cable television provider sets up Smart TV Box at an individual residence, direct access from outside to the LAN side interface of Smart TV Box is disabled...
JVN#17127920: Smart TV Box fails to restrict access permissions
Smart TV Box provided by KDDI CORPORATION enables access to Android Debug Bridge via port 5555/TCP of LAN side interface. When a cable television provider sets up Smart TV Box at an individual residence, direct access from outside to the LAN side interface of Smart TV Box is disabled. However if...
CVE-2019-5634
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in...
Design/Logic Flaw
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in...
CVE-2019-5634 Hickory Smart Lock Insecure Logging on Android
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile application are logged in...
ceph: debug logging for v4 auth does not sanitize encryption keys
It was found that Ceph RGW did not properly sanitize encryption keys in debug logging for v4 auth. Encryption keys could be inadvertently disclosed when sharing debug logs...
DEBIAN-CVE-2019-15090
An issue was discovered in drivers/scsi/qedi/qedidbg.c in the Linux kernel before 5.1.12. In the qedidbg family of functions, there is an out-of-bounds read...
Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage
Background: The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...
UBUNTU-CVE-2019-15090
An issue was discovered in drivers/scsi/qedi/qedidbg.c in the Linux kernel before 5.1.12. In the qedidbg family of functions, there is an out-of-bounds read...
F5 Networks BIG-IP : iRulesLX debug NodeJS vulnerability (K75532331)
Similar to the issue identified in CVE-2018-12120, the BIG-IP system will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible. CVE-2019-6644 Impact A remote attacker may be able ...
NewStart CGSL MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0014)
The remote NewStart CGSL host, running version MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key ge...
NewStart CGSL CORE 5.04 / MAIN 5.04 : pcs Multiple Vulnerabilities (NS-SA-2019-0042)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pcs packages installed that are affected by multiple vulnerabilities: - Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in...
ZTE MF910 – An end of life router, running lots of vivacious hidden code
You might be here because you saw our talk at Defcon 27. You might want to watch that for the full rundown! The ZTE MF910 is a really interesting router for reversing, mainly because it’s full of nice debug calls, and underused functionality. Also, it’s never going to get patched, and it’s really...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists in HID debug where a buffer overflow in hid_debug_events_read in drivers/hid/hid-debug.c...
kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c
A flaw was found in the Linux kernel in the hid_debug_events_read function in the drivers/hid/hid-debug.c file. A lack of certain checks may allow a privileged user ("root") to achieve an out-of-bounds write, resulting in user space buffer corruption...
The vulnerability of the hid_debug_events_read() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the hid_debug_events_read function in the hid/hid-debug.c driver in the Linux kernel leads to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to cause a service failure...
Remote Code Execution
Apache Solr DataImportHandler is vulnerable to remote code execution (RCE). The attack is possible because it allows an attacker to inject arbitrary code through the request's dataConfig parameter, which is used for setting the whole DIH configuration when using debug mode of the DIH admin screen...