156 matches found
Keepalived 安全漏洞
Keepalived is a set of routing software written in C by the Keepalived organization. The software is primarily used for load balancing and fault detection, among other things. Keepalived 2.2.4 suffers from a security vulnerability that stems from a D-Bus policy that does not sufficiently restrict...
Huawei ManageOne Elevation of Privilege Vulnerability
Huawei Manageone is a cloud data center management solution from Huawei of China. huawei ManageOne is vulnerable due to a lack of checksum when the program uses certain parameters from external files. An attacker could use the vulnerability to construct a malicious file to achieve elevation of...
Avaya Aura Experience Portal Input Validation Error Vulnerability
Avaya Aura Experience Portal is the next generation of Avaya Voice Portal from Avaya, Inc. providing organizations with a single point of orchestration for all automated voice and multimedia applications and services. experience Portal supports SIP, IP, TDM or hybrid environments. It includes...
Avaya Aura Experience Portal 输入验证错误漏洞
Avaya Aura Experience Portal is the next generation of Avaya Voice Portal from Avaya, Inc. providing organizations with a single point of orchestration for all automated voice and multimedia applications and services. experience Portal supports SIP, IP, TDM or hybrid environments. It includes...
CVE-2021-30493
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
Design/Logic Flaw
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
Design/Logic Flaw
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
CVE-2021-30494
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
CVE-2021-30494
The CVE-2021-30494 entry concerns Razer Synapse 3 and the Razer Chroma SDK. The connected documents describe that multiple system services installed with the Razer Synapse 3 suite perform privileged operations on entries within the Chroma SDK subkey, specifically involving file name concatenation...
CVE-2021-30493
CVE-2021-30493 describes a vulnerability in the Razer Synapse 3 software where multiple system services perform privileged operations on entries within the ChromaBroadcast subkey, specifically involving file name concatenation of a runtime log file used to store runtime log information. The resul...
CVE-2021-22294
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources...
CVE-2020-12521
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot...
Design/Logic Flaw
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot...
CVE-2020-28344
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 November 2020...
CVE-2020-28344
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 November 2020...
CVE-2020-28344
CVE-2020-28344 affects LG mobile devices running Android 8.0–10. The root cause is a missing NULL parameter check leading to a NULL pointer dereference, which may cause system services to crash. The available documents (NVD, Red Hat, CVE listing) reiterate this description; no specific CVE patch ...
CVE-2019-14092
System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130...
Information disclosure
System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130...
CVE-2019-14092
System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130...
TAU Threat Analysis: Medusa Locker Ransomware
In recent weeks Carbon Black’s Threat Analysis Unit TAU has seen an increase in the number of infections attributed to the Medusa Locker ransomware family. There were notable traits exhibited by Medusa Locker in these attacks that warranted further investigation to determine behavioral tactics th...