Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as...

Android Media framework elevation of privilege vulnerability (CNVD-2020-16083)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A security vulnerability exists in Media framework in Android. An attacker can exploit this vulnerability to elevate...

Android FPC elevation of privilege vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. There is a security vulnerability in FPC in Android. An attacker can exploit the vulnerability to elevate privileges...

Google Android System Component Resource Management Error Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components. A resource management error vulnerability exists in the Google Android System component. An attacker can exploit this vulnerability to execute co...

Google Android Remote Code Execution Vulnerability (CNVD-2019-35253)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in Google Android 10. The vulnerability stems from an out-of-bounds write problem in libxaac in Android caused by a lac...

CVE-2019-0061

The management daemon MGD is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a...

Design/Logic Flaw

The management daemon MGD is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a...

CVE-2019-0061 Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation

The management daemon MGD is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a...

CVE-2019-0061

CVE-2019-0061 describes a local privilege-escalation flaw in Junos OS where a misconfigured internal unix-domain socket in the management daemon (MGD) can allow a local, authenticated user to gain administrative privileges. Affected are Linux-based Junos deployments (FreeBSD unaffected); exploita...

Google Android Information Disclosure Vulnerability (CNVD-2019-34400)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Google Android 10 suffers from an information disclosure vulnerability that can be exploited by remote attackers to obtain information...

Google Android Denial of Service Vulnerability (CNVD-2019-34404)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Google Android 10 suffers from a denial of service vulnerability that can be exploited by remote attackers to cause a denial of service...

Google Android MNH Mobilization Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. MNH driver is one of the MNH drivers. An elevation of privilege vulnerability exists in the MNH driver in Google Android. An attacker can exploit this vulnerability to elevate privilege...

Google Android Media Framework Code Execution Vulnerability (CNVD-2019-40851)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A code execution vulnerability exists in Media framework in Android. An attacker can exploit this vulnerability to execu...

Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities

Cisco UCS Director Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data...

Google Android System suffers from an unspecified vulnerability (CNVD-2019-28633)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components. A security vulnerability exists in System in Android. An attacker can exploit this vulnerability to elevate privileges...

Google Android Framework elevation of privilege vulnerability (CNVD-2019-38882)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA, of which Framework is a component of the Android framework. There is an elevation of privilege vulnerability in Framework in Android. An attacker can exploit this vulnerability to elevate...

Netwide Assembler Code Issue Vulnerability

Netwide Assembler NASM is a Linux-based assembler. The product is capable of creating binaries and writing bootloaders. A code issue vulnerability exists in Netwide Assembler. The vulnerability stems from an improperly designed or implemented code development process for a networked system or...

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

A new ransomware family has been found targeting Linux-based Network Attached Storage NAS devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file...

This Cryptomining Malware Launches Linux VMs On Windows and macOS

Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware. It may sound strange, but it's true. Dubbed "LoudMiner " and also "Bird Miner, " the attack leverages...

Man-In-The-Middle (MitM)

Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs provisioning and configuration management of predefined standard operating...