8320 matches found
CVE-2018-6854
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs, e.g., 0x8810200B, 0x8810200F, 0x8810201B, 0x8810201F, 0x8810202B, 0x8810202F, 0x8810203F, 0x8810204B, 0x88102003,...
CVE-2017-15856
Due to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05...
Android Debug Bridge (ADB) Accessible Without Authentication
The script checks if the target host is running a service supporting the Android Debug Bridge ADB protocol without an enabled authentication. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
The vulnerability of the Qualcomm Data Network Stack & Connectivity component of the Android operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Qualcomm Data Network Stack & Connectivity component of the Android operating system relates to the use of memory after it is freed, during attempts to log values of the RIL token in debug mode after a call ends if the eMBMS service is enabled. Exploiting this vulnerabili...
CVE-2018-8868
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit oth...
CVE-2018-8870
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system...
CVE-2018-8868
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit oth...
Input validation
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions, contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An...
Hardcoded credentials
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain...
Android Debug Bridge (ADB) Protocol Detection
The script tries to identify services supporting the Android Debug Bridge ADB Protocol. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2018-8870 Medtronic MyCareLink Patient Monitor Use of Hard-coded Password
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system...
CVE-2018-8868 Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit oth...
CVE-2018-8868
Medtronic MyCareLink Monitor devices (24950 and 24952) contain debug code that enables reading/writing arbitrary memory on implantable devices via short-range wireless interfaces. The vulnerability CVE-2018-8868 arises from an exposed dangerous function debugging path, allowing near-physically pr...
ALPINE-CVE-2018-12893
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...
CVE-2018-12893
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...
CVE-2018-12893
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...
Medtronic MyCareLink Patient Monitor Hardcoding Vulnerability
MyCareLink Patient Monitor is a patient monitor product developed by Medtronic, Inc. A hard-coded vulnerability in the Medtronic MyCareLink Patient Monitor allows an attacker with physical access to remove the device's enclosure, connect to the debug port, and use a password to gain privileged...
Debian DSA-4236-1 : xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor : - CVE-2018-12891 It was discovered that insufficient validation of PV MMU operations may result in denial of service. - CVE-2018-12892 It was discovered that libxl fails to honour the 'readonly' flag on HVM-emulated SCSI disks....
[SECURITY] [DSA 4236-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4236-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 27, 2018 https://www.debian.org/security/faq -...
GNU Binutils debug.c File Denial of Service Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...