UBUNTU-CVE-2019-2110

In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a possible capture of a secure screen due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2016-7937

Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode without -w which...

CVE-2019-11341

On certain Samsung P9.0 phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the 9900 check code, but is protected by an OTP password. However, this password is created locally...

CVE-2019-11341

On certain Samsung P9.0 phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the 9900 check code, but is protected by an OTP password. However, this password is created locally...

Default credentials

On certain Samsung P9.0 phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the 9900 check code, but is protected by an OTP password. However, this password is created locally...

CVE-2019-11341

On certain Samsung P9.0 phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the 9900 check code, but is protected by an OTP password. However, this password is created locally...

CVE-2019-11341

On Samsung P(9.0) devices, the vulnerability enables a physically proximate attacker to start a TCP dump via the Service Mode feature (accessible after entering the *#9900# check code) without user knowledge. The OTP that protects this feature is generated locally, and the password creation logic...

CVE-2019-15164

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source...

ALPINE-CVE-2019-15165

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory...

DEBIAN-CVE-2019-15165

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory...

ALPINE-CVE-2019-15164

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source...

DEBIAN-CVE-2019-15164

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source...

ALPINE-CVE-2019-15162

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames...

CVE-2019-15164

CVE-2019-15164 affects libpcap (rpcapd/daemon.c). The issue allows an SSRF by providing a URL as a capture source in libpcap before version 1.9.1. EulerOS/OpenVAS entries confirm libpcap 1.9.1 as the fix. Remediation: upgrade to libpcap 1.9.1 or newer to address this vulnerability. If exploiting ...

CVE-2019-15164

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source...

CVE-2019-15164

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source...

CVE-2019-9428

In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...

USN-4134-2 ibus regression

USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Original advisory details: Simon McVittie discovered that IBus did not enforce appropriate access controls o...

CVE-2019-16649

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect virtual USB devices to...

Security Bulletin: Node.js as used in IBM QRadar Packet Capture is vulnerable to the following CVE's (CVE-2019-1559, CVE-2019-5737, CVE-2019-5739)

Summary Node.js as used in IBM QRadar Packet Capture is susceptible to the following vulnerabilities Vulnerability Details CVEID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after t...