134 matches found
SAMSUNG Mobile devices Security Vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices ConfirmConnectActivity SMR prior to Aug-2022 Release 1, which stems from an improper restriction of...
CVE-2022-20084
In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID:...
Privilege escalation
In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06498874; Issue ID:...
CVE-2022-20084
The CVE-2022-20084 entry affects MediaTek telephony, where a missing permission check could allow local privilege escalation to disable emergency broadcast reception. The issue is documented with a patch reference (ALPS06498874/ALPS06498874) and is associated with MediaTek’s devices, containing n...
CVE-2022-27331
An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users...
Emerson OSE Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-0693)
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
PT-2021-7218 · Owl · Owl Labs Meeting Owl
Name of the Vulnerable Software and Affected Versions: Owl Labs Meeting Owl version 5.2.0.15 Description: The issue is related to the implementation of Bluetooth Low Energy (BLE) technology in the firmware of the Meeting Owl Pro camera for video conferencing. It involves the use of a hardcoded...
CVE-2021-22399
The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. Successful exploitation causes the Bluetooth function to become abnormal. Affected product...
Code injection
The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. Successful exploitation causes the Bluetooth function to become abnormal. Affected product...
CVE-2020-0481
In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for...
Improper access control
Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098,...
Smart-TV Bug Allows Rogue Broadcasts
An unpatched vulnerability in smart TVs would allow attackers on the same Wi-Fi network to hijack the TV set to broadcast their own content – including, potentially, fake emergency broadcast messages. Discovered by security researcher Dhiraj Mishra, the flaw CVE-2019-12477 is found in the SUPRA...
XXE
Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients...
CVE-2019-10309
The CVE-2019-10309 entry concerns the Jenkins Swarm Plugin (Swarm Client) where UDP-based master discovery responses are XML documents that are parsed without proper XXE protection. This XXE flaw could allow an unauthenticated attacker on the same network to read arbitrary files from Swarm client...
Android RSSI Broadcast Information Disclosure
Blog post here: https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-9581/ NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall ...
Android 5.0 Battery Information Broadcast Information Disclosure
NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall of 2018. SUMMARY System broadcasts by the Android operating system expose detailed...
Microsoft Windows: NetBIOS Node Type
This test checks the setting for policy OpenVAS Vulnerability Test $Id: windcnetbiosnodetype.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for NetBIOS Node Type. Authors: Emanuel Moss. Copyright: Copyright (c) 2018 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software;...
PiDense - Monitor Illegal Wireless Network Activities (Fake Access Points)
Monitor illegal wireless network activities: similar SSID broadcasts; same SSID broadcasts; calculates unencrypted wireless network density; watches SSID broadcasts on the blacklist. Capabilities now: calculates unencrypted wireless network density; finds same SSID, different encryption; Working...