369 matches found
CVE-2021-34557
XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in updatescreenlayout allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video...
CVE-2021-34557
XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in updatescreenlayout allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video...
Deploying EFBs securely
It may come as a surprise to some to discover that electronic flight bag security at airlines is often quite variable. Whilst some use an MDM, a lot don’t. Of those who do, PINs are often weak. Some airlines actively encourage pilots to use their devices for personal use. We’ve heard stories of a...
USN-4958-1 caribou vulnerability
It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism...
EFB Safety Advice for Pilots
As a pilot you will be all too aware of how important an electronic flight bag EFB is to you and your role. It’s probably critical to your takeoff performance calculations, your roster, pax lists and plenty more. It’s one thing if its not working, but have you ever stopped to consider what could...
The vulnerability of the Windows operating system, related to errors in the code, allows a hacker to bypass Windows’ screen lock security features.
The vulnerability of the Windows operating system is related to errors in the code. Exploiting this vulnerability can allow an attacker to bypass Windows’ screen lock security features...
CVE-2020-1908
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked...
Authorization
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked...
CVE-2020-1908
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked...
CVE-2020-1908
CVE-2020-1908 affects WhatsApp and WhatsApp Business on iOS before v2.20.100. The issue is improper authorization of the Screen Lock feature, which could allow Siri to interact with the WhatsApp app after the device is locked. Impacted components are the iOS WhatsApp apps; root cause cited is imp...
CVE-2020-9946
This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period...
CVE-2020-9946
This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period...
CVE-2020-9946
CVE-2020-9946 affects Apple devices (iOS/iPadOS/watchOS) where the screen lock may not engage after the specified time period. The issue was addressed with improved checks and is fixed in iOS 14.0 / iPadOS 14.0 and watchOS 7.0. The NVD entry notes a local attack vector with low attack complexity ...
CVE-2020-9946
This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period...
PT-2020-20888 · Apple · Ios +2
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.0 iPadOS versions prior to 14.0 watchOS versions prior to 7.0 Description: The screen lock may not engage after the specified time period due to an issue that has been addressed with improved checks. Recommendations:...
The vulnerability of the Fly-wm window manager, related to the disclosure of information, allows attackers to gain access to confidential data.
The vulnerability of the Fly-wm window manager is related to the disclosure of information when both the screen shutdown and the lock mechanism are activated at the same time. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
Hardcoded credentials
In onKeyguardVisibilityChanged of keystoreservice.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for...
Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-40832)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a security vulnerability that can be exploited by attackers to conduct brute force attacks on screen lock passwords...
CVE-2020-10849
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos7885, Exynos8895, and Exynos9810 chipsets software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 January 2020...
CVE-2020-10849
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos7885, Exynos8895, and Exynos9810 chipsets software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 January 2020...