95 matches found
PT-2024-13530 · Unknown · Com.Bdrm.Superreboot
Name of the Vulnerable Software and Affected Versions: com.bdrm.superreboot version 1.0.3 Description: The Android application exposes several critical actions through its exported broadcast receivers, allowing any app on the device to send unauthorized broadcasts. This can lead to unintended...
Epson Stylus SX510W Printer Remote Power Off - Denial of Service
Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2020-05-16 Vendor Homepage: https://www.epson.es/ Software Link : https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w Tested Version:...
Epson Stylus SX510W Printer Remote Power Off - Denial of Service Vulnerability
Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service PoC Discovery by: Rafael Pedrero Vendor Homepage: https://www.epson.es/ Software Link : https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w Tested Version: EPSONLinux UPnP/1.0 Epson UPn...
Security Bulletin: Risks of Using the Intelligent Platform Management Interface (IPMI) on the Integrated Management Module (IMM) and Integrated Management Module II (IMM2) (CVE-2013-4038, CVE-2013-4037, CVE-2013-4031)
Summary Various risks with the Intelligent Platform Management Interface IPMI have been identified and documented in the IT security community. Because the IMM and IMM2 provide IPMI access by default, a subset of these identified risks are applicable to IBM servers that include the IMM and IMM2...
UK’s NCA infiltrates cybercrime market with fake DDoS sites
By Waqas The National Crime Agency NCA has conducted a sting operation to infiltrate the cybercrime market with fake DDoS sites for Operation Power Off. This is a post from HackRead.com Read the original post: UKs NCA infiltrates cybercrime market with fake DDoS sites...
CVE-2023-21461
Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity...
GSD-2023-1001631 Input: elants_i2c - properly handle the reset GPIO when power is off
Input: elantsi2c - properly handle the reset GPIO when power is off This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...
GSD-2023-1001469 Input: elants_i2c - properly handle the reset GPIO when power is off
Input: elantsi2c - properly handle the reset GPIO when power is off This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001166 Input: elants_i2c - properly handle the reset GPIO when power is off
Input: elantsi2c - properly handle the reset GPIO when power is off This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000768 Input: elants_i2c - properly handle the reset GPIO when power is off
Input: elantsi2c - properly handle the reset GPIO when power is off This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
bluez 安全漏洞
BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. A security vulnerability exists in bluez that stems from the fact that bluez's bluetoothd incorrectly saves the discoverable state of the adapter when the device ...
paradoxiaRAT - Native Windows Remote Access Tool
Paradoxia Remote Access Tool. Features Paradoxia Console Feature | Description ---|--- Easy to use | Paradoxia is extremely easy to use, So far the easiest rat! Root Shell | - Automatic Client build | Build Paradoxia Client easily with or without the icon of your choice. Multithreaded |...
QNAP QTS < 4.2.6 build 20180829, 4.3.3 < build 20180810, 4.3.4 < build 20180810, 4.3.5 < build 20181110 Multiple Vulnerabilities
QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...
Authorization
Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS...
CVE-2018-14748
Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS...
CVE-2018-14748
Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS...
CVE-2018-14748
Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS...
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service (PoC)
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service PoC Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
What You Need To Know - Summer 2018 State of the Internet / Security: Web Attack Report
It's that time of year - the Summer 2018 State of the Internet / Security: Web Attack report is now live. This new naming schema is just one of the many changes you'll notice if you're a returning reader of quarterly report, and there are more changes coming as we work to bring you insights and...
DDoS-for-Hire Service Webstresser Dismantled
Authorities in the U.S., U.K. and the Netherlands on Tuesday took down popular online attack-for-hire service WebStresser.org and arrested its alleged administrators. Investigators say that prior to the takedown, the service had more than 136,000 registered users and was responsible for launching...