8292 matches found
CVE-2016-3939
drivers/video/msm/mdss/mdssdebug.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30874196 and Qualcomm internal bug CR 1001224...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description" = %q This module attempts to exploit a debug backdoor...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description...
VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability
VUPlayer is a freeware multi-format audio player for windows. Copy of the Vendor Homepage: http://vuplayer.com/vuplayer.php Technical Details & Description: ================================ The classic buffer overflow vulnerability is located in the software VUPlayer an attacker can manipulate th...
DLA-635-1 dwarfutils - security update
Bulletin has no description...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
This module attempts to exploit a debug backdoor privilege escalation in Allwinner SoC based devices. Vulnerable Allwinner SoC chips: H3, A83T or H8 which rely on Kernel 3.4. Vulnerable OS: all OS images available for Orange Pis, any for FriendlyARM's NanoPi M1, SinoVoip's M2+ and M3, Cuebietech'...
Error: "Cannot complete your request" while accessing on premise XenApp 7.9 Resources by a user from Azure Active Directory.
When users from Azure domain are trying to access resources published via XenApp 7.9 on your premise, they receive this error: "Cannot complete your request". On looking at the Storefront debug logs, you see that storefront does a Callback: 00001779 3:27:23 AM 8248 Authenticate Perform callback A...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
DEBIAN-CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3876
providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the SAFEBOOTDISALLOWED protection mechanism and boot to safe mode via the Android Debug Bridge adb tool, aka internal bug 29900345...
UBUNTU-CVE-2016-3876
providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the SAFEBOOTDISALLOWED protection mechanism and boot to safe mode via the Android Debug Bridge adb tool, aka internal bug 29900345...
UBUNTU-CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
Design/Logic Flaw
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
CVE-2016-3890
The Java Debug Wire Protocol JDWP implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842...
JDWP Command Execution Vulnerability in Some IPs of ZDNT
ZDNT Customer Resource Management System is a foreign trade software that solves the key problems of foreign trade enterprises by focusing on customers. A JDWP command execution vulnerability exists in some IPs of ZDNT, which allows attackers to exploit the vulnerability to gain control of the we...
Google Android Java Debug Wire Protocol Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevated privilege vulnerability exists in the Java Debug Wire Protocol in Android. An attacker can exploit this vulnerability to execute arbitrary code with elevated privilege...
Boozt Fashion AB: PHP info page disclosure on http://www.day.dk/
Hi, Boozt team. Description: phpinfo is a debug functionality that prints out detailed information on both the system and the PHP configuration. Step to reproduce: 1. Go to http://www.day.dk/check.php An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version...