15 matches found
EUVD-2022-39153
Malicious code in bioql PyPI...
CVE-2025-38442 block: reject bs > ps block devices when THP is disabled
In the Linux kernel, the following vulnerability has been resolved: block: reject bs ps block devices when THP is disabled If THP is disabled and when a block device with logical block size page size is present, the following null ptr deref panic happens during boot: 13.2 mK AOSAN: null-ptr-deref...
CVE-2024-40853
CVE-2024-40853 affects Apple iOS 18 and iPadOS 18. Verified details show the issue arises from Siri allowing Auto-Answer Calls on a locked device; Apple fixed it by restricting options on a locked device. Root cause described as a protection bypass tied to Siri on locked screens. Exploitation des...
CVE-2024-40851
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen...
CVE-2024-40851
CVE-2024-40851 affects Apple iOS 18.1 and iPadOS 18.1. The issue allowed an attacker with physical access to view contact photos from the lock screen due to insufficient restrictions on options presented on a locked device. Apple fixed this in iOS 18.1 / iPadOS 18.1 via strengthened authenticatio...
CVE-2024-40818
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An attacker with physical access may be able to use Siri to access sensitive user data...
PT-2024-23613 · Unknown · Zephyr Rtos
Name of the Vulnerable Software and Affected Versions: Zephyr RTOS versions prior to 3.6 Description: The issue allows a malicious BLE device to crash a BLE victim device by sending a malformed gatt packet. This can be exploited for local attacks. Network segmentation can help mitigate the risk...
CVE-2023-41988
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data...
CVE-2023-41982
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data...
Information disclosure
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data...
Information disclosure
This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data...
PT-2023-26776 · Renault · Renault Zoe Ev
Name of the Vulnerable Software and Affected Versions: Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R Description: The issue allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device. Recommendations: For versions...
Information disclosure
This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features...
PT-2021-9837 · Mofi Network +1 · Mofi4500-4Gxelte +1
Name of the Vulnerable Software and Affected Versions: Mofi Network MOFI4500-4GXeLTE version 4.1.5-std Description: An issue was discovered where the Dropbear SSH daemon has been modified to accept an alternate hard-coded path to a public key that allows root access. This key is stored in a /rom...
PT-2014-1007 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.14.3 Description: The issue is related to the raw cmd copyin function in drivers/block/floppy.c, which does not properly handle error conditions during processing of an FDRAWCMD ioctl call. This allows local...