70 matches found
CVE-2020-5569
An unquoted search path vulnerability exists in HDD Password tool for Windows version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TBHD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS, CANVIO PREMIUM 2TBHD-MB20TY, HD-MA20TY, HD-MB20TS, HD-MA20TS, CANVIO PREMIUM 1TBHD-MB10TY, HD-MA10TY,...
CVE-2020-5569
CVE-2020-5569 is an unquoted search path vulnerability in HDD Password tool for Windows (versions up to 1.20.6620) affecting CANVIO PREMIUM 3TB/2TB/1TB and CANVIO SLIM 1TB/500GB devices, where Windows services are registered with unquoted file paths. If a path with spaces is present, a malicious ...
JVN#13467854: Toshiba Electronic Devices & Storage software registers unquoted service paths
Some of Toshiba Electronic Devices & Storage software registers Windows services with unquoted file paths CWE-428. Impact When a registered path contains spaces, and a malicious executable is placed on a certain path, it may be executed with the privilege of the Windows service. Solution The...
Product update: Virtuozzo 7.0 Update 13 (7.0.13-298)
The Update 13 for Virtuozzo 7.0 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.12.1.vz7.131.10. Vulnerability id: PSBM-95072 'pstorage-target' files are left over after successful migrations of VMs on Virtuozzo Storage from...
Buffer overflow
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing SETPASSPOINTLIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen is...
Attackers Can Use Sonic and Ultrasonic Signals to Crash Hard Drives
Researchers have demonstrated how sonic and ultrasonic signals inaudible to human can be used to cause physical damage to hard drives just by playing ultrasonic sounds through a target computer's own built-in speaker or by exploiting a speaker near the targeted device. Similar research was...
Sonic Tone Attacks Damage Hard Disk Drives, Crashes OS
Using sonic and ultrasonic soundwaves as a weapon, researchers can disrupt the read, write and storage functions of a hard disk drive HDD. The method can also be used to crash the host operating system, and in some cases damage targeted drives. Researchers said the attack can be performed by...
How To Replace Defective SSD/HDD of a NetScaler SD-WAN 4000 or 5000 Appliance
This article describes how to replace defective SSD/HDD of a NetScaler SD-WAN 4000 or 5000 appliance...
CVE-2017-11062
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in wlanhddcfg80211doacs which can potentially lead to a buffer overread...
Product update: Virtuozzo 7.0 Update 4 Hotfix 1 (7.0.4-1091)
The new update for Virtuozzo 7.0.4 provides stability and usability bug fixes. Vulnerability id: PSBM-66625, PSBM-66445 guest.fs counters were reported in kilobytes for containers and in bytes for virtual machines. Vulnerability id: PSBM-66556 Backup location changed to default after update to...
Product update: Virtuozzo Automator 7 Update 1
The new packages for Virtuozzo Automator 7 introducing new features as well as usability and stability bug fixes. Vulnerability id: PVA-36535 Fixed collection of CPU statistics in VA MN. Vulnerability id: PVA-36516 Changing container's private area in the host settings in VA MN resulted in deleti...
Any Write cache mode which involves the Target Device local HDD reverts to server side caching
When trying to configure the write cache, any selection that involves the local HDD of the target device would fail. Cache on device ram - works Cache on server - works Ram with overflow - fails to server Cache on Device HD - fails to server...
Lenovo RapidBoot HDD Acelerator 1.00.0802 Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Lenovo RapidBoot HDD Accelerator - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.00.0802 Tested on: Windows 7 Professional The Lenovo RapidBoot HDD Accelerator service is...
Lenovo RapidBoot HDD Acelerator 1.00.0802 Privilege Escalation
Exploit Title: Lenovo RapidBoot HDD Accelerator - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.00.0802 Tested on: Windows 7 Professional The Lenovo RapidBoot HDD Accelerator service is installed with an unquoted service path. This enables a loca...
Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation
Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation Exploit Title: Lenovo RapidBoot HDD Accelerator - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.00.0802 Tested on: Windows 7 Professional The Lenovo RapidBoot...
Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation
Exploit Title: Lenovo RapidBoot HDD Accelerator - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.00.0802 Tested on: Windows 7 Professional The Lenovo RapidBoot HDD Accelerator service is installed with an unquoted service path. This enables a loca...
Android Qualcomm Wi-Fi Driver Information Disclosure Vulnerability
Android on Nexus 5X and Android One is a Linux-based open source operating system for the Nexus 5X and Android One smartphones developed by Google and the Open Handset Alliance OHA, of which the Qualcomm Wi-Fi driver is a wireless driver component. Qualcomm Wi-Fi driver is one of the wireless...
Android Qualcomm Wi-Fi Driver Buffer Overflow Vulnerability
Android on Nexus 5X and Android One is a Linux-based open source operating system for the Nexus 5X and Android One smartphones developed by Google and the Open Handset Alliance OHA, of which the Qualcomm Wi-Fi driver is a wireless driver component. Qualcomm Wi-Fi driver is one of the wireless...
Command injection
CORE/HDD/src/wlanhddmain.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualcomm internal bug CR 1001449...
CVE-2016-6675
This CVE (CVE-2016-6675) is a buffer/size difference (off-by-one) vulnerability in the Qualcomm Wi‑Fi driver’s CORE/HDD wlan_hdd_hostapd.c. Affected devices include Android on Nexus 5X and Android One, with exploitation via a crafted application that invokes the linkspeed ioctl, enabling local pr...