Samsung SMR Path Traversal Vulnerability

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A path traversal vulnerability exists in versions prior to SMR APR-2021 Release 1, which stems from faulty access control and can be exploited by an attacker to read or write...

CVE-2021-25361

An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications...

Improper access control

An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications...

Exploit for Race Condition in Docker Docker_Desktop

CVE-2020-11492 Proof-of-Concept PoC for Docker Desktop for...

Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-34726)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An input validation error vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a system process to crash, resulting in a denial of service...

Samsung Mobile Device Denial of Service Vulnerability (CNVD-2020-33718)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung Mobile Device Denial of Service vulnerability can be exploited by an attacker to cause a system process to crash, resulting in a denial of service...

Samsung Mobile Device Denial of Service Vulnerability (CNVD-2020-33714)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A denial-of-service vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a system process to crash, resulting in a denial ...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-36252)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a system process to crash, resulting in a denial of service...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-36253)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a system process to crash, resulting in a denial of service...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-34725)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a system process to crash, resulting in a denial of service...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-36251)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a system process to crash, resulting in a denial of service...

Code injection

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...

CVE-2017-18671

An issue was discovered on Samsung mobile devices with L5.0/5.1, M6.0, and N7.x software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 May 2017...

The vulnerability in the ihevcddecode.c function of the Android operating system allows a hacker to trigger a system failure.

The vulnerability of the ihevcddecode.c function in the Android operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to remotely cause a critical system process to fail...

CVE-2019-1968

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could...

Microsoft Windows - 'CmpAddRemoveContainerToCLFSLog' Arbitrary File/Directory Creation

Windows: CmpAddRemoveContainerToCLFSLog Arbitrary File/Directory Creation EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The kernel’s CmpAddRemoveContainerToCLFSLog function doesn’t...

CVE-2018-15452 Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability

A vulnerability in the DLL loading component of Cisco Advanced Malware Protection AMP for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the...

CVE-2018-6851

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. By crafting an input buffer we can control the execution path to the point where the constant DWORD 0 will be written t...

CVE-2018-7884

An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the drivers are updated to a newer version, the product launches a process as SYSTEM to uninstall the old version: cl1956.exe is run as SYSTEM on the %systemroot%\Temp folder, where any user can write a DLL...