35 matches found
EUVD-2018-8658
Malware in sbrugna...
EUVD-2018-8663
Malware in sbrugna...
Huawei EMUI和Huawei HarmonyOS 安全漏洞
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An improper access control vulnerability exists in Huawei EMUI and HarmonyOS MTP module, which can be exploited b...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Jul-2024 Release 1 prior to version 1, which stems from an improper authentication issue in the MTP applicatio...
Oracle Linux 7 : qemu (ELSA-2018-4313)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4313 advisory. - usb-mtp: outlaw slashes in filenames Gerd Hoffmann Orabug: 29037012 CVE-2018-16867 - lsi53c895a: check message length value is valid Prasad J Pandit Orabug:...
CVE-2022-36847
Use after free vulnerability in mtpsendsignal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions...
The vulnerability of the `usb_mtp_write_data` function in the Qemu Media Transfer Protocol implementation, an emulator for hardware devices in the QEMU environment, allows a perpetrator to cause a service failure or execute arbitrary code.
The vulnerability of the usbmtpwritedata function in the Qemu Media Transfer Protocol implementation, within the QEMU hardware emulation software, arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure or...
Canonical Unity8 Information Disclosure Vulnerability
Canonical Unity8 is a graphical user interface for the GNOME desktop environment developed by Canonical in the UK. An information disclosure vulnerability exists in Canonical Unity8. The vulnerability can be exploited by an attacker to initiate MTP services via the emergency dialer...
Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-32822)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have an input validation error vulnerability that can be exploited by an attacker to read/write files in a locked state with the help of a...
CVE-2017-18648
An issue was discovered on Samsung mobile devices with KK4.4.x, L5.x, M6.x, and N7.x software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 November 2017...
Debian DLA-2169-1 : libmtp security update
libmtp is a library for communicating with MTP aware devices. The Media Transfer Protocol commonly referred to as MTP is a devised set of custom extensions to support the transfer of music files on USB digital audio players and movie files on USB portable media players. CVE-2017-9831 An integer...
CVE-2018-16867
A flaw was found in QEMU's Media Transfer Protocol MTP where a path traversal in the in usbmtpwritedata function in hw/usb/dev-mtp.c due to an improper file name sanitization. Reading and writing of arbitrary files is allowed when a guest device is mounted which may lead to a denial of service...
EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2020-1266)
According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow.CVE-2019-6778 - A flaw was found in QEMU's...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1266)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the QEMU implementation of the Media Transfer Protocol allows a perpetrator to gain unauthorized access to information.
The vulnerability of the QEMU implementation of the Media Transfer Protocol is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to information...
CVE-2018-16872
A flaw was found in QEMU's Media Transfer Protocol MTP. The code opening files in usbmtpgetobject and usbmtpgetpartialobject and directories in usbmtpobjectreaddir doesn't consider that the underlying filesystem may have changed since the time lstat2 was called in usbmtpobjectalloc, a classical...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-1815)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.3.0 : qemu-kvm (EulerOS-SA-2019-2352)
According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow.CVE-2019-6778 - A flaw was found in QEMU's...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU vulnerabilities (USN-3923-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3923-1 advisory. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol MTP. An attacker inside the guest could u...
USN-3923-1 qemu vulnerabilities
Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol MTP. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10. CVE-2018-16867...