EUVD-2020-26819

Malware in sbrugna...

EUVD-2018-10788

Malware in sbrugna...

EUVD-2022-35292

Malicious code in bioql PyPI...

Vulnerabilities discovered in Kiloview P1 4G Video Encoder and P2 4G Video Encoder

Vulnerabilities have been discovered in Kiloview P1 and P2. Kiloview P1 and P2 are hardware solutions for streaming image information in HDMI format. The firmware of these systems contains a number of serious vulnerabilities that allow a malicious person to perform attacks that can lead to the...

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface UEFI firmware affecting several Yoga, IdeaPad, and ThinkBook devices. "The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases incl. dbx...

High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

A number of firmware security flaws uncovered in HP's business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Binarly, which first revealed details of the issues at the Black Hat USA conference in mid-August 2022, said the...

NVIDIA Patches Critical Bug in High-Performance Servers

NVIDIA released a patch for a critical bug in its high-performance line of DGX servers that could open the door for a remote attacker to take control of and access sensitive data on systems typically operated by governments and Fortune-100 companies. In all, NVIDIA issued nine patches, each fixin...

Keep Your Smart Home Safe: Here’s What You Can Do Today to Secure Your Products

The Internet of Things IoT is transforming the way we live, work and play. You can find it in the fitness trackers you might be wearing to monitor step count and heart rate. Or the car you may be driving. But more than anywhere else, you’ll see IoT at home in an increasing array of gadgets: from...

ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models

ASUS released patches for over a dozen router models on Tuesday that are each vulnerable to multiple firmware flaws that when combined give a local unauthenticated attacker the ability to execute commands as root on targeted devices. Routers models patched by ASUS are RT-AC88U, RT-AC3100, RT-AC86...

To DVRF（router flaws drone as an example the interpretation of JEB firmware flaws applications Part 1-the vulnerability warning-the black bar safety net

A, media In this series of articles, I will send everyone to the presentation if any application JEB MIPS Decompiler1to find and the application of the embedded equipment software flaws. In order to accomplish this obligation, we need to apply the Praetorian supplied to the DVRF（Damn Vulnerable...

Intel Patches Nine-Year-Old Critical CPU Vulnerability

Intel patched a critical vulnerability that dates back nine years and impacts business desktop PCs that utilize the company’s Active Management Technology. According to an Intel security bulletin, the flaw could allow an adversary to elevate privileges on a vulnerable system. Intel said there are...

LifeSize Room 5.0.9 - Multiple Vulnerabilities

LifeSize Room 5.0.9 - Multiple Vulnerabilities Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar...

LifeSize Room 5.0.9 - Multiple Vulnerabilities

Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar very bugs in the WebUI exist and thier support...

CVE-2016-4375

Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 aka iLO 3 firmware before 1.88, Integrated Lights-Out 4 aka iLO 4 firmware before 2.44, and Integrated Lights-Out 4 aka iLO 4 mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause...

2015 Google Android Security Report

Last year was a landmark time for Android security. Google dealt with a major vulnerability in Stagefright, launched a monthly patch release and vulnerability rewards program, and continued to chip away at the number of malicious applications that find their way onto devices. Given all of that...

Millions of Vulnerable Routers aiding Massive DNS Amplification DDoS Attacks

The Distributed Denial of Service DDoS attack is becoming more sophisticated and complex with the increase in the skills of attackers and so, has become one of favorite weapon for the cyber criminals to temporarily suspend or crash the services of a host connected to the Internet and till now...

Millions of printers open to devastating hack attack

Millions of printers open to devastating hack attack Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or...

Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities

Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities Description: Huawei MT880 is a device offered by the algerian telecom operator - FAWRI, to provide ADSL Internet connexion and it's already widely in use. Overview: Huawei MT880 firmware and its default configuration has...