Lucene search
+L

81 matches found

OSV
OSV
added 2021/12/15 7:15 p.m.5 views

CVE-2021-1016

In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

7.3CVSS5.9AI score0.00111EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/08 12:0 a.m.13 views

Eltima USB Network Gate Integer Overflow Vulnerability

Eltima Usb Network Gate is a software from United Arab Emirates. It is used for remote Usb access via Internet or Lan. A security vulnerability exists in Eltima USB Network Gate, which can be exploited by a local attacker to cause a denial of service memory corruption and OS crash by executing...

8.8CVSS7.5AI score0.00479EPSS
Exploits1References1
OSV
OSV
added 2021/12/01 12:0 a.m.8 views

PUB-A-183610267

In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.3CVSS7.4AI score0.00111EPSS
Exploits0References2
OSV
OSV
added 2021/12/01 12:0 a.m.43 views

ASB-A-196448784

In max3421setaddress and related functions of max3421-hcd.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with physical/USB access to the device, with no additional execution privileges needed. User interaction is not needed f...

6.8CVSS7.3AI score0.00333EPSS
Exploits0References2
OSV
OSV
added 2021/08/11 10:15 p.m.3 views

CVE-2021-1111

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

6.7CVSS6.9AI score0.00281EPSS
Exploits0References1
Prion
Prion
added 2021/08/11 10:15 p.m.21 views

Buffer overflow

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

4.6CVSS6.5AI score0.00281EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/11 9:33 p.m.27 views

CVE-2021-1111

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components...

6.7CVSS6.8AI score0.00281EPSS
Exploits0References1
NVD
NVD
added 2021/06/14 8:15 p.m.13 views

CVE-2021-0467

In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

6.8CVSS0.00127EPSS
Exploits0References1
Prion
Prion
added 2021/06/14 8:15 p.m.23 views

Out-of-bounds

In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.6CVSS6.7AI score0.00127EPSS
Exploits0References1
OSV
OSV
added 2021/05/01 12:0 a.m.11 views

ASB-A-174490700

In TBD of TBD, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation...

6.8CVSS7.2AI score0.00127EPSS
Exploits0References1
Gitee
Gitee
added 2020/06/06 12:18 p.m.4 views

PRET

The repository michaelxiaxc/PRET is a Printer Exploitation Toolkit that allows users to test the security of their printers. The tool connects to a device via network or USB and exploits the features of a given printer language, currently supporting PostScript, PJL, and PCL. The main idea of PRET...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2018/06/14 5:27 p.m.6 views

Apple Removes iPhone USB Access Feature, Blocking Out Hackers, Law Enforcement

Apple said an upcoming iOS software update will remove the infamous iPhone USB access feature, blocking out both hackers – and law enforcement – from accessing a locked phones’ data via the device port. Apple confirmed that new upcoming default settings will disable the iPhone’s Lightning port, i...

6.9AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/06/26 1:20 p.m.25 views

CVE-2017-9832

An integer overflow vulnerability in ptp-pack.c ptpunpackOPL function of libmtp version 1.1.12 and below allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable...

6.8CVSS6.9AI score0.00766EPSS
Exploits0References1
OSV
OSV
added 2017/06/24 12:29 a.m.5 views

DEBIAN-CVE-2017-9832

An integer overflow vulnerability in ptp-pack.c ptpunpackOPL function of libmtp version 1.1.12 and below allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable...

6.8CVSS6.9AI score0.00766EPSS
Exploits0References1
seebug.org
seebug.org
added 2017/05/26 12:0 a.m.358 views

initroot: Bypassing Nexus 6 Secure Boot through Kernel Command-line Injection

In the May 2017 Android Security Bulletin, Google released a patch to a critical and unique vulnerability CVE-2016-10277 in the Nexus 6 bootloader we had found and responsibly disclosed. By exploiting the vulnerability, a physical adversary or one with authorized-ADB/fastboot USB access to the...

9.3CVSS7.9AI score0.09465EPSS
Exploits6
ThreatPost
ThreatPost
added 2016/10/14 9:0 a.m.12 views

Leftover Factory Debugger Doubles as Android Backdoor

A leftover factory debugger in Android firmware made by Taiwanese electronics manufacturer Foxconn can be flipped into a backdoor by an attacker with physical access to a device. The situation is a dream for law enforcement or a forensics outfit wishing to gain root access to a targeted device...

8.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2016/05/02 12:0 a.m.8 views

PT-2016-5052 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.2 Description: The issue allows physically proximate attackers to cause a denial of service, resulting in a system crash due to a NULL pointer dereference. This is achieved by using a crafted endpoints value...

10CVSS7.3AI score0.80855EPSS
Exploits103References574
The Hacker News
The Hacker News
added 2013/02/26 3:24 a.m.16 views

How to bypass iOS 6.1.2 Screen Lock, another Exploit Exposed

After a series of security issues, it appears that Apple still has not been able to resolve all the issue in iOS. Last week, Apple rolled out its iOS 6.1.2 update to owners of the iPhone, iPad and iPod touch in an effort to fixing the 3G connectivity and an Exchange calendar bugs. Hackers found a...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.36 views

Debian DSA-1047-1 : resmgr - programming error

A problem has been discovered in resmgr, a resource manager library daemon and PAM module, that allows local users to bypass access control rules and open any USB device when access to one device was granted. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

3.6CVSS5.3AI score0.00378EPSS
Exploits0References2
Cvelist
Cvelist
added 2006/04/26 10:0 p.m.25 views

CVE-2005-4789

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level...

6.5AI score0.00384EPSS
Exploits0References2
Rows per page
Query Builder