USN-8396-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server modrewrite module incorrectly handled certain privileges. A local attacker could possibly use this issue to obtain sensitive information. CVE-2026-24072 Andrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani discovered that the Apache HTTP...

CVE-2020-1908

Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked...

SAMSUNG Mobile devices 授权问题漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices SMR May-2023 Release 1 version, which originated in AppLock and allowed a local...

SUSE CVE-2013-7221

The automatic screen lock functionality in GNOME Shell aka gnome-shell before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation...

Verbatim Keypad Secure USB Drive 安全漏洞

The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from Verbatim Corporation of China. A security vulnerability exists in the Verbatim Keypad Secure USB Drive that stems from a problem with the security lock, which can be attempted more than the required number of times...

HUAWEI HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei of China. A security vulnerability exists in the Huawei HarmonyOS system application, which stems from a configuration flaw in the phone's activation lock. An attacker could exploit the vulnerability to cause a denial of service...

UBUNTU-CVE-2017-2671

The pingunhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service panic by leveraging access to the protocol value of...

China Telecom WingPay Android client gesture lock has design flaws

Wing Pay is a mobile payment service launched by China Telecom. A design vulnerability exists in the gesture lock of the Wing Pay Android client. By exploiting the vulnerability, an attacker can bypass the gesture lock security mechanism of the Wing Pay Android client and obtain users' private...

USN-2475-1 gtk+3.0 update

Clemens Fries discovered that GTK+ allowed bypassing certain screen locks by using the menu key. An attacker with physical access could possibly use this flaw to gain access to a locked session...

CVE-2008-4230

The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a...

File locking and security

Topic : File locking and security Author : 3APA3A Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flaw Background: Application can lock the file after file description is open by application or in open call...