XINJE XDME-30T4-E ModbusTCP Protocol Denial of Service Vulnerability

XINJE XDME-30T4-E is a controller product of Ethernet type series. A denial of service vulnerability exists in the XINJE XDME-30T4-E ModbusTCP protocol, which can be exploited by an attacker to cause the device to go down and not function properly...

Huawei Taurus-AL00A Resource Management Error Vulnerability

Huawei Taurus-AL00A is a smartphone from Huawei of China.Huawei Taurus-AL00A is vulnerable to a resource management error. A module fails to properly process a message, and a function references freed memory. An attacker could use this vulnerability to trick a user into running a carefully...

PCI passthrough code reading back hardware registers

ISSUE DESCRIPTION Code paths in Xen's MSI handling have been identified which act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be able to affect these registers, experience shows that it's very common for device...

End of line: supporting IoT in the home

Trouble is potentially brewing in Internet of Things IoT land, even if the consequences may still be a little way off. System updates and issues surrounding expiring certificates will pose problems for manufacturers and headaches for consumers. System updates for fun and profit One of the first...

Denial of service

A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting...

Servicing stack update for Windows 10 Version 1809: April 2, 2019

Servicing stack update for Windows 10 Version 1809: April 2, 2019 Summary This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Key changes include: Addresses an issue where some devices drivers may fail to start after a driver rollba...

CVE-2018-18959

An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Setting' web page, if the data for 'Bonjour Service Location' at /PRESENTATION/BONJOUR is more than 251 bytes when sending data for Air Print Setting, then the device no longe...

Moxa OnCell G3100-HSPA Series Authentication Bypass Vulnerability

The Moxa OnCell G3100-HSPA is an intelligent, feature-rich wireless communications platform that enables networked and serial devices to connect to cellular TCP/IP networks. An authentication bypass vulnerability exists in the Moxa OnCell G3100-HSPA Series that stems from an application allowing...

FAQ: Cloud backup of XenMobile managed devices

Is the Worx data encrypted within the backup? If so what is the encryption level? Yes, as Xenmobile uses the iCloud services from Apple for backing up the data: iCloud secures your data by encrypting it when it's sent over the Internet, storing it in an encrypted format when kept on server review...

iBackDoor: High-Risk Code Hits iOS Apps

Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...