Bitdefender BOX 2 bootstrap update_setup command execution vulnerability

Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition TOCTTOU that allows arbitrary execution o...

Bitdefender BOX 2 bootstrap download_image command injection vulnerability

Summary An exploitable command injection vulnerability exists in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/downloadimage unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands...

TAU Threat Intelligence Notification – WindTail (OSX)

Summary Dark Matter researcher Taha Karim recently presented his research on the APT group WindShift at Hack in the Box Singapore. This group primarily focuses on highly targeted campaigns directed toward Middle Eastern government and commercial entities. One of the custom macOS backdoors employe...

Oracle VM VirtualBox Access Control Error Vulnerability (CNVD-2019-27291)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The solution is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To

Builds malware analysis Windows virtual machines so that you don’t have to. Requirements Python 3.3+ packer: https://www.packer.io/docs/install/index.html vagrant: https://www.vagrantup.com/downloads.html VirtualBox or an vSphere / ESXi server Minimum specs for the build machine At least 5 GB of...

KLA11405 Multiple vulnerabilities in Oracle Virtual Box

Multiple vulnerabilities were found in Oracle Virtual Box. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Core component of...

The world’s southernmost security conference

When asked about his best race, Ayrton Senna replied that it was when he raced karting cars. For him it was the best because it was only for the sake of sports and free from commercial sponsoring and commercial interests. I have this same feeling about computer security conferences, because they...

Rhymix CMS Cross-Site Scripting Vulnerability

Rhymix CMS is a PHP-based content management system CMS. A cross-site scripting vulnerability exists in the index.php?module=admin&act=dispModuleAdminFileBox page in Rhymix CMS version 1.9.8.1, which can be exploited by remote attackers to inject arbitrary web script or HTML by uploading a...

CVE-2018-14988

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...

CVE-2018-14987

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...

Design/Logic Flaw

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...

CVE-2018-14988

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...

CVE-2018-14987

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...

CVE-2018-14988

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...

CVE-2018-14987

The CVE-2018-14987 entry concerns the MXQ TV Box (Android 4.4.2) where the Android framework dynamically registers a broadcast receiver component, com.android.server.MasterClearReceiver, instead of static registration in the core Android manifest. This dynamic registration is not protected by the...

CVE-2018-14988

The CVE-2018-14988 entry describes an issue in MXQ TV Box 4.4.2 where an exported Android framework broadcast receiver component (com.android.server.SystemRestoreReceiver) is accessible without permissions and can write to /cache/recovery/command to trigger boot into recovery mode. This can forma...

PT-2022-27429 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev428-gcb8ae46c8-master Description: A stack overflow issue was discovered in GPAC via the function dimC box read at isomedia/box code 3gpp.c. This issue can be exploited, potentially leading to security breaches...

PT-2022-11261 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: Gpac versions through 1.0.1 Description: The issue is related to a double-free vulnerability in the iloc entry del function in box code meta.c, which can cause a denial of service. This vulnerability allows attackers to exploit the iloc entry...

PT-2022-27430 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev428-gcb8ae46c8-master Description: A memory leak was discovered in GPAC via the function dimC box read at isomedia/box code 3gpp.c. This issue may allow for unauthorized access or other malicious activities...

PT-2021-6596 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac versions through 20200801 Description: An issue exists in the function vwid box del located in box code base.c, which allows an attacker to cause Denial of Service due to a NULL pointer dereference. This issue can be exploited by a remot...