5822 matches found
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or bypass security mechanisms
The vulnerability of the Android operating system’s Native Frameworks library relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to obtain confidential information or bypass security mechanisms...
Mageia: Security Advisory (MGASA-2016-0090)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated tomcat packages fix security vulnerabilities
Updated tomcat packages fix security vulnerabilities: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 7.x before 7.0.65 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in a pathname used b...
Zemana Mobile Security - External URLs, Native code usage, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Zemana Mobile Security published at the 'play' market has multiple vulnerabilities...
Romantic FM - External URLs, Native code usage, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Romantic FM published at the 'play' market has multiple vulnerabilities...
Delicate Hardware Hacks Could Unlock Shooter's iPhone
A researcher at IOActive believes the U.S. intelligence community has the capability to carry out a delicate hardware hack that could unlock the iPhone 5c at the center of the current FBiOS debate. The attack requires considerable financial resources and acumen with an intrusive attack against th...
mts centar - Customized SSL, External URLs, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application mts centar published at the 'play' market has multiple vulnerabilities...
UBUNTU-CVE-2016-1949
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a...
Cisco Unified IP Phone Detection
The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
Qemu: ide: ahci use-after-free vulnerability in aio port commands
A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing NCQ AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU proces...
Qemu: ide: ahci use-after-free vulnerability in aio port commands
A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing NCQ AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU proces...
Important: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/adb' class Metasploit3 'Android ADB Debug Server Remote Payload Execution', 'Description' = %q Writes and spawns a native payload on...
UBUNTU-CVE-2016-1944
The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...
Android ADB Debug Server Remote Payload Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/adb' class Metasploit3 'Android ADB Debug Server Remote Payload Execution', 'Description' = %q Writes and spawns a native payload on...
Android ADB Debug Server Remote Payload Execution
Writes and spawns a native payload on an android device that is listening for adb debug messages. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android ADB Debug Server Remote Payload...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.
The vulnerability of the The ObjectBackedNativeHandler class extensions/renderer/objectbackednativehandler.cc in the Google Chrome browser extension framework is related to errors in the implementation of the handler functions. Exploiting this vulnerability may allow an attacker to cause service...
UBUNTU-CVE-2015-6788
The ObjectBackedNativeHandler class in extensions/renderer/objectbackednativehandler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...
chromium-browser: Type confusion in extensions
The ObjectBackedNativeHandler class in extensions/renderer/objectbackednativehandler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...
Android Native Frameworks Library Information Disclosure Vulnerability
Android is a cell phone operating system based on the Linux open kernel. A security vulnerability exists in the implementation of the Native Frameworks Library in Android versions prior to 5.1.1 LMY48Z and 6.0 2015-12-01, which can be exploited by remote attackers to obtain sensitive information...