CVE-2020-7958

An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user root in the Rich Execution Environment REE to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The issue is that the...

CVE-2020-7958

The CVE-2020-7958 entry concerns OnePlus 7 Pro devices (prior to 10.0.3.GM21BA). A leftover-debug-code issue in the firmware allows a privileged root user in the Rich Execution Environment (REE) to obtain bitmap fingerprint images from the sensor. The root cause is that the Trusted Application (T...

CVE-2017-18690

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 January 2017...

CVE-2017-18690

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 January 2017...

CVE-2016-11030

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 with Hrm sensor support software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341...

CVE-2017-18690

CVE-2017-18690 involves a buffer overflow in the sensor hub of certain Samsung mobile devices. Affected platforms include KK (4.4), L (5.0/5.1), M (6.0), and N (7.0) with Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets. The available public description notes a sensor-hub buffer overflo...

CVE-2017-18690

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 January 2017...

CVE-2016-11030

The CVE-2016-11030 issue affects Samsung mobile devices running KK/4.4, L/5.0-5.1, and M/6.0 with Hrm sensor support. The MAX86902 sensor driver sysfs allows concurrent access, enabling a race condition that results in a heap-based buffer overflow. This is the concrete vulnerability described in ...

CVE-2016-11030

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 with Hrm sensor support software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341...

Paessler AG PRTG Network Monitor Remote Code Execution Vulnerability

Paessler AG PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A remote code execution vulnerability exists in versions prior to PRTG Network Monitor 19.4.54.1506, which stems from the program failing to perform sufficient cleanup...

Paessler PRTG Network Monitor Access Control Error Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from the German company Paessler. A security vulnerability exists in PRTG Network Monitor version 19.1.49 and prior versions, which stems from the program failing to perform sufficient cleanup operations...

CVE-2019-11074

A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges although not controlling the contents of such files due to insufficient sanitisation when passing arguments to th...

Design/Logic Flaw

A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges although not controlling the contents of such files due to insufficient sanitisation when passing arguments to th...

CVE-2019-11074

A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers to place files in arbitrary locations with SYSTEM privileges although not controlling the contents of such files due to insufficient sanitisation when passing arguments to th...

CVE-2019-11073

A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote authenticated administrator...

Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.5.9 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...

Security Advisory - Information Leakage Vulnerability in Motion Sensor

Motion sensor in some Huawei smart phones has an information leakage vulnerability. An attacker may exploit this vulnerability to obtain specific information from the motion sensor through an APP installed on the smart phone and track the user. Successful exploit may cause information leak...

FortiOS SSL Deep Inspection TLS Padding Oracle Vulnerabilities

Multiple padding Oracle vulnerabilities Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length in the CBC padding implementation of FortiOS when configured with SSL Deep Inspection policies and with the IPS sensor enabled may allow an attacker to decipher TLS connections going through the FortiGate by...

[SECURITY] Fedora 31 Update: ipmitool-1.8.18-19.fc31

This package contains a utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. This utility can communicate with IPMI-enabled devices through either a kernel...

[SECURITY] Fedora 30 Update: ipmitool-1.8.18-19.fc30

This package contains a utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. This utility can communicate with IPMI-enabled devices through either a kernel...