175 matches found
CVE-2021-36927 Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability
...
CVE-2021-36927
Technical details for CVE-2021-36927 (affected product/version, root cause, impact, or remediation) are not provided in the connected documents. The initial description lacks public details; monitor for updates and future disclosures.
PT-2021-4039 · Microsoft · Windows Digital Tv Tuner Device Registration Application +1
Name of the Vulnerable Software and Affected Versions: Windows Digital TV Tuner device registration application affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Digital TV Tuner device registration application, which can be...
Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack
Satellite internet communications are susceptible to eavesdropping and signal interception by far-flung attackers located in a different continent or country from their victims. And all they need is $300 worth of off-the-shelf equipment to pull it off. That’s the word from James Pavur, an academi...
Homemade TEMPEST Receiver
Tom's Guide writes about home brew TEMPEST receivers: Today, dirt-cheap technology and free software make it possible for ordinary citizens to run their own Tempest programs and listen to what their own -- and their neighbors' -- electronic devices are doing. Elliott, a researcher at Boston-based...
kernel: media: use-after-free in [tuner-xc2028] media driver
The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service use-after-free via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw,...
kernel: media: use-after-free in [tuner-xc2028] media driver
The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service use-after-free via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw,...
Virtual VCR Max .0a - .vcr Buffer Overflow (PoC)
Virtual VCR Max .0a - .vcr Buffer Overflow PoC !/usr/bin/python Exploit Title: VirtualVCR-Max .0a Overflow PoC Google Dork: N/A Date: 21/02/2019 Exploit Author: Wade Guest Vendor Homepage: http://virtualvcr.sourceforge.net/ Software Link: https://sourceforge.net/projects/virtualvcr/ Version: Max...
The vulnerability of the TUNER web service on the TeNIX programmable logic controllers M1500 and M3000 allows a hacker to execute arbitrary code.
The vulnerability of the TUNER web service on the TeNIX programmable logic controllers M1500 and M3000 is related to the absence of name filtering when generating a 404 HTTP error page. As a result, the name of the non-existent webpage is passed unchanged to the generated error page. Exploiting...
AV-Comparatives: Trend Micro Mobile Security for Android Provides 100% Malware Protection for Mobile Users
With the introduction of Android v8.0 Android Oreo in August of 2017, among other OS improvements Google introduced its built-in malware protection for Android call Play Protect dependent on Google Play Services 11 or later. Play Protect checks apps and APK files downloaded from Google Play or...
Security Bulletin: Security vulnerabilities have been identified in SSL/TLS with InfoSphere Optim Query Workload Tuner [for LUW, z/OS] (CVE-2017-10115 CVE-2017-10116)
Summary SSL/TLS are used in InfoSphere Optim Query Workload Tuner for LUW, z/OS. Information about security vulnerabilities affecting SSL/TLS have been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-10115 DESCRIPTION: An unspecified vulnerability related to the Java SE JC...
Security Bulletin: Security vulnerabilities have been identified in data server connection and product integration shipped with InfoSphere Optim Query Workload Tuner [for LUW, z/OS] (CVE-2016-5546 CVE-2016-5548 CVE-2016-5549 CVE-2016-5547 CVE-2016-2183)
Summary Data server connection and product integration are shipped as a component of InfoSphere Optim Query Workload Tuner for LUW, z/OS. Information about security vulnerabilities affecting data server connection and product integration have been published in a security bulletin. Vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition affect Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS (CVE-2016-0466, CVE-2015-7575)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS. These issues were disclosed as part of the IBM Java SDK...
Security Bulletin: A security vulnerability has been identified in IBM Java SDK shipped with IBM Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS (CVE-2015-4872)
Summary IBM Java SDK is shipped as a component of IBM Data Studio, InfoSphere Data Architect, InfoSphere Optim Query Workload Tuner for Linux, UNIX and Windows, and InfoSphere Optim Query Workload Tuner for z/OS. Information about a security vulnerability affecting IBM Java SDK has been published...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2015-0488, CVE-2015-0478 and CVE-2015-1916)
Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition, Versions 7 Service Refresh 7 Fix Pack 1, 7R1 Service Refresh 1 Fix Pack 1, 6 Service Refresh 16 Fix Pack 1, and earlier releases that are used by various Optim data server tools desktop products. These issues were...
Security Bulletin: Vulnerability in RC4 stream cipher affects various Optim data server tools desktop products (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects various Optim data server tools desktop products. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An...
Security Bulletin: Vulnerability in SSLv3 affects IBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS(CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remo...
kernel: media: use-after-free in [tuner-xc2028] media driver
The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service use-after-free via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw,...
kernel: media: use-after-free in [tuner-xc2028] media driver
The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service use-after-free via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw,...
DEBIAN-CVE-2016-7913
The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service use-after-free via vectors involving omission of the firmware name from a certain data structure...