1827 matches found
CVE-2021-30315
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
Input validation
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
CVE-2021-30315
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
CVE-2021-30315
CVE-2021-30315 concerns improper handling of the sensor HAL structure in the absence of the sensor, leading to a use-after-free condition in Snapdragon Auto. Public documentation reiterates the root cause as sensor HAL mismanagement and lists Qualcomm’s sensor subsystem as the affected area. Conn...
maltrail
This is a Python-based malicious traffic detection system called Maltrail. It is designed to identify and report malicious traffic, including malware, suspicious domains, and other types of malicious activity. The system uses a combination of publicly available blacklists and custom user-defined...
Qualcomm 多款产品资源管理错误漏洞
The Qualcomm QCA6574AU is a central processing unit CPU product from Qualcomm Incorporated USA. A resource management error vulnerability exists in multiple Qualcomm products, which is triggered by mishandling the sensor HAL structure in the absence of a sensor. The following products and version...
The vulnerability of U.motion’s sensor panel’s microprogramming software lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of U.motion’s sensor panel’s microprogramming software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
New Glowworm Attack Recovers Device's Sound from Its LED Power Indicator
A novel technique leverages optical emanations from a device's power indicator LED to recover sounds from connected peripherals and spy on electronic conversations from a distance of as much as 35 meters. Dubbed the "Glowworm attack," the findings were published by a group of academics from the...
CVE-2021-38546
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensit...
CVE-2021-38545
Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38548
JBL Go 2 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a...
CVE-2021-38549
MIRACASE MHUB500 USB splitters through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38543
TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38546
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensit...
CVE-2021-38545
Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38547
Logitech Z120 and S120 speakers through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the...
CVE-2021-38549
MIRACASE MHUB500 USB splitters through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38548
JBL Go 2 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a...
Code injection
TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
Code injection
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensit...