86 matches found
CVE-2024-10026
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...
AZL-56192 CVE-2024-10026 affecting package podman 4.1.1-26
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...
UBUNTU-CVE-2024-10026
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...
CVE-2024-10026 Improved Seeding and Hashing In gVisor
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...
CVE-2024-10026 Improved Seeding and Hashing In gVisor
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...
CVE-2024-10026
The CVE-2024-10026 issue concerns Google's gVisor: a weak hashing algorithm and small seed/secret sizes. The connected documents confirm this affects gVisor in multiple advisories (e.g., TencentOS Server 4, OSV/Ubuntu entries) and describe that a remote attacker could calculate a local IP address...
Google gVisor 安全漏洞
Google gVisor is a user-space kernel from Google written in the Go language for use in Linux systems. A security vulnerability exists in Google gVisor, which stems from the presence of an information-countable vulnerability that could lead to an attacker being able to count information for use in...
CVE-2025-21615
CVE-2025-21615 affects AAT (Another Activity Tracker) for mobile: versions prior to 1.26 are vulnerable to data exfiltration by other apps installed on the same device. The root cause is data disclosure leakage from the app’s environment, leading to potential confidentiality impact described as h...
CVE-2024-46745
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...
Code injection
This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS 17.1 and iPadOS 17.1. A device may be passively tracked by its Wi-Fi MAC address...
8 cybersecurity tips to keep you safe when travelling
The best way to keep your devices safe when you're travelling is to be unplugged. If you don't need it, don't take it with you. But since that is not always an option, here are some tips to keep you safe while you travel. 1. Backup before you go The consequences of losing your device or having it...
K32380005: Linux kernel vulnerability CVE-2019-18282
Security Advisory Description The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead ...
Polite WiFi loophole could allow attackers to drain device batteries
Researchers at the University of Waterloo in Ontario have further researched a loophole in the WiFi protocol that was dubbed "polite WiFi". Last year the researchers published a study in which they showed someone could use this loophole to triangulate the location of any WiFi enabled device. Now,...
PT-2022-23621 · Pal Electronics Systems · Palgate
Name of the Vulnerable Software and Affected Versions: Pal Electronics Systems affected versions not specified Description: The issue is an authorization problem in the PalGate device management Android client app, affecting gates of buildings and parking lots controlled by a simple button in any...
Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers
Researchers warn Bluetooth signals can be used to track device owners via a unique fingerprinting of the radio signal. The technique was presented via a paper presented at IEEE Security and Privacy conference last month by researchers at the University of California San Diego. The paper suggests...
F5 Networks BIG-IP : Linux kernel vulnerability (K32380005)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K32380005 advisory. The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, a...
Apple macOS 权限许可和访问控制问题漏洞
Apple macOS is a suite of specialized operating systems developed by Apple Inc. for Mac computers. Apple macOS Monterey suffers from a privilege-granting and access-control issue vulnerability that stems from the fact that devices may be tracked via BSSID...
All the New Privacy Features Coming to iOS and macOS
Improvements designed to keep your email private, crack down on data stealing apps, and help you find lost devices are on their way...
CVE-2021-0466
In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. This could lead to remote information disclosure to a proximal attacker, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CentOS 7 : kernel (RHSA-2020:5437)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5437 advisory. - The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs...