135 matches found
EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path
Exploit Title: EPSON EasyMP Network Projection 2.81 - 'EMPNSWLSV' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-02-13 Vendor Homepage: https://epson.com/support/easymp-network-projection-v2-86-for-windows Software Link :https://ftp.epson.com/drivers/epson16189.exe SEIKO...
EPSON EasyMP Network Projection 2.81 Unquoted Service Path
Exploit Title: EPSON EasyMP Network Projection 2.81 - 'EMPNSWLSV' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-02-13 Vendor Homepage: https://epson.com/support/easymp-network-projection-v2-86-for-windows Software Link :https://ftp.epson.com/drivers/epson16189.exe SEIKO...
CVE-2019-2211
In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...
CVE-2018-1273
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...
Building a New Language for Data Processing
Building a New Language for Data Translation In previous posts, we’ve talked about the plan for and implementation of EQR Event Query Router—a system we created to solve the problem of querying large quantities of disparate data by end-user analysts in real-time. As with any major project, we fac...
spring-data-commons: XXE with Spring Data’s XMLBeam integration
Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict extern...
Spring Data Commons remote code injection vulnerability
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...
GHSA-4FQ3-MR56-CG6R Spring Data Commons remote code injection vulnerability
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...
CVE-2018-1273
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...
The vulnerability of the Android operating system allows a hacker to bypass the user’s warning when a screenshot is taken and gain access to the protected information.
The vulnerability of the Media Projection component in the Android operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to bypass user notifications about screen capture and gain access to protected information...
Android Information Leakage Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Media Projection is a media projection component. A security vulnerability exists in the Media Projection component of Android. The vulnerability can be exploited by an...
CVE-2015-3878
Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to bypass an intended screen-recording warning feature and obtain sensitive screen-snapshot information via a crafted application that references a long application name, aka internal bug 23345192...
CVE-2015-3878
The CVE-2015-3878 issue affects the Media Projection component in Android 5.x (before 5.1.1 LMY48T) and Android 6.0 (before the 2015-10-01 patch). A vulnerability arises when an application uses an excessively long name, which can bypass the screen-recording warning and allow a local attacker to ...
[SECURITY] Fedora 18 Update: marble-4.10.5-1.fc18
Marble is a Virtual Globe and World Atlas that you can use to learn more about Earth: You can pan and zoom around and you can look up places and roads. A mouse click on a place label will provide the respective Wikipedia article. Of course it's also possible to measure distances between locations...
[SECURITY] Fedora 16 Update: marble-4.7.1-1.fc16
Marble is a Virtual Globe and World Atlas that you can use to learn more about Earth: You can pan and zoom around and you can look up places and roads. A mouse click on a place label will provide the respective Wikipedia article. Of course it's also possible to measure distances between locations...