15 matches found
Siemens SIMATIC Devices Use After Free (CVE-2024-42302)
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot- removal of the same portion of the hierarchy: The dpchandler awaits readiness of the...
Linux Distros Unpatched Vulnerability : CVE-2016-0849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow...
M-03 Unmitigated
Lines of code Vulnerability details Description The problem identified by both wardens is the chance of using the initial signed recovery transaction to reinitialize the recovery procedure again after its cancellation, as long as this three transaction are done one after other. However the...
Cisco device config dumping
Quick guide to recovering configs from Cisco switches and routers We have recently done work in situations where recovering the Cisco config from one device e.g. an edge switch can give us useful information. This includes: VLANs even for VLANs that are not used on that piece of equipment Which...
CVE-2017-2872
Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to the device...
CVE-2017-2871
Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access can fully compromise the device by performing a firmware recovery...
Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
Summary Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access, can fully compromise the device by performing a firmware...
Foscam IP Video Camera Remote Code Execution Vulnerability
Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A remote code execution vulnerability exists in the recovery procedure in the Foscam C1 Indoor HD Camera, which stems from the program failing to perform adequate security monitoring. The vulnerability can be exploited to...
Vulnerabilities in the Android operating system that allow a hacker to increase their privileges
The multiple vulnerabilities of the minzip/SysUtil.c function in the Recovery Procedure component of the Android operating system are caused by a numerical overflow. Exploiting these vulnerabilities could allow an attacker, operating locally, to enhance their privileges through a specially create...
CVE-2016-0849
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...
CVE-2016-0849
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...
CVE-2016-0849
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...
UBUNTU-CVE-2016-0849
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...
CVE-2016-0849
CVE-2016-0849 describes an Elevation of Privilege in Android’s Recovery Procedure due to multiple integer overflows in minzip/SysUtil.c. A local attacker could exploit a crafted application to gain Signature or SignatureOrSystem privileges. Affected versions: Android 5.0.x prior to 5.0.2, 5.1.x p...
Android Recovery Procedure Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, of which Recovery Procedure is one of the recovery process modules. An elevation of privilege vulnerability exists in Android's Recovery Procedure. A local attacker could exploit...