CVE-2019-2266

The CVE-2019-2266 entry concerns a possible double-free issue in the kernel when handling camera sensor power sequencing across Snapdragon-based platforms (e.g., APQ8053, IPQ4019/8064, MDM92xx, SDM84x/SDX2x, etc.). The Red Hat/NVD/CVE records describe the vulnerability as a kernel-level double-fr...

CVE-2019-2266

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

Siemens 6GK1411-6CA40-0AA0 IE/WSN-PA Link Detection

Binary data 765352.prm...

CVE-2019-10565

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

Double free

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2019-10565

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

Samsung Rolls Out Fix For Galaxy S10 Fingerprint Sensor Glitch

Samsung has reportedly started rolling out a software patch for the Galaxy S10 and Note10, addressing glitches in both phone models that allow the bypass of their built-in fingerprint authentication sensors. The fix comes after Samsung admitted last week that anyone can bypass the Galaxy S10...

Snare - Super Next Generation Advanced Reactive honEypot

snare - Super Next generation Advanced Reactive honEypot Super Next generation Advanced Reactive honEypot About SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. Documentation The documentation can be found here. Basic Concepts Surface first. Focus...

Galaxy S10 Fingerprint Sensor Thwarted With Screen Protector: Report

UPDATE Samsung has acknowledged that anyone can bypass the Galaxy S10 fingerprint sensor using a third-party case after a woman alleged that a $3 smartphone screen protector allowed unauthorized users to dupe her Samsung Galaxy S10’s fingerprint recognition sensor – giving access to her phone and...

IoT: a malware story

Since 2008, cyber-criminals have been creating malware to attack IoT-devices, such as routers and other types of network equipment. You will find a lot of statistics on this on Securelist, most notably, here and here. The main problem with these IoT/embedded devices is that one simply cannot...

SMA Solar Technology AG Sunny WebBox

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to generate a...

Android Security Bulletin—October 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-10-06 or later address all of these issues. To learn how to check a device's security patch level, see Check & update your Android version. Android partners are...

Google Android VL53L0 Driver Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA in the U.S. The VL53L0 driver is one of the laser range sensors. A privilege elevation vulnerability exists in the VL53L0 driver in Android. An attacker can exploit this vulnerability to elevate...

CVE-2019-2174

In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

MSNM-S - Multivariate Statistical Network Monitoring-Sensor

MSNM-S Multivariate Statistical Network Monitoring-Sensor shows the practical suitability of the approaches found in PCA-MSNM and in Hierarchical PCA-MSNM works. The first one present the MSNM approach and new multivariate statistical methodology for network anomaly detection while the second one...

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission

Earlier this month, The Hacker News covered a story on research revealing how over 1300 Android apps are collecting sensitive data even when users have explicitly denied the required permissions. The research was primarily focused on how app developers abuse multiple ways around to collect locati...

Bug in Anesthesia Respirators Allows Cyber-Tampering

A vulnerability in GE Healthcare’s Aestiva and Aespire anesthesia devices would allow an unauthenticated cybercriminal on the same network as the device to modify gas composition parameters within the devices’ respirator function, thus changing sensor readings for gas density. According to GE...

Aida64 6.00.5100 SEH Buffer Overflow

!/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

Aida64 6.00.5100 - 'Log to CSV File' Local SEH Buffer Overflow

!/usr/bin/python Exploit : Aida64 6.00.5100 'Log to CSV File' Local SEH Buffer Overflow Exploit Author : Nipun Jaswal Tested On : Windows 7 Home Basicx86 Version : 6.00.5100 Release Date : 31/May/2019 Build : 21/May/2019 Vendor Homepage: https://www.aida64.com/downloads Software Link:...

YouTuber hacks fingerprint scanner of OnePlus 7 Pro using hot glue

By Waqas The Youtuber also claimed that the OnePlus 7 Pro's fingerprint sensor is the quickest in-display sensor they have ever seen. The new OnePlus 7 Pro from OnePlus is definitely a refreshing change in the smartphones market because of its popup camera and triple cam setup, full-screen displa...