chrome:Persistent UXSS via SchemaRegistry(CVE-2016-1676)

Chrome version: 50.0.2661.75 and still present on current HEAD, 52.0.2713.0 The SchemaRegistry stores extension API schemas in a single v8::Context that lives until the RenderThread =process? is destroyed. Due to vulnerabilities in binding.js, these objects can be intercepted by malicious web...

General Motors and Shanghai OnStar iOS Client Man-in-the-Middle Attack Vulnerability

General Motors GM and Shanghai OnStar SOS iOS Client is an iOS-based application for making SOS distress calls for drivers in the event of a motor vehicle collision. A security vulnerability exists in the GM and SOS iOS Client version 7.1. The vulnerability can be exploited by an attacker to...

CVE-2017-12697

A Man-in-the-Middle issue was discovered in General Motors GM and Shanghai OnStar SOS SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server...

Design/Logic Flaw

A Man-in-the-Middle issue was discovered in General Motors GM and Shanghai OnStar SOS SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server...

CVE-2017-12697

A Man-in-the-Middle issue was discovered in General Motors GM and Shanghai OnStar SOS SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server...

CVE-2017-12697

CVE-2017-12697 affects General Motors and Shanghai OnStar SOS iOS Client version 7.1. The connected documents describe a Man-in-the-Middle vulnerability where the client may transmit or validate data in a way that enables an attacker to intercept sensitive information when the client connects to ...

Hoermann BiSecur Device Key Acquisition Vulnerability

Hoermann BiSecur devices is a security door remote control device from Hoermann Germany. A security vulnerability exists in Hoermann BiSecur devices prior to version 2018. An attacker could exploit the vulnerability by recording a single radio broadcast to intercept radio frames between the BiSec...

Web Security Dog (IIS Edition) Upload Bypass Vulnerability

Website Security Dog IIS Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features for comprehensive website security. Web Security Dog IIS Version V4.0.20336 has an upload bypass vulnerability that allows...

CVE-2017-17910

On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The intercepti...

GitLab: GitHub import allows user to create child group under existing namespace

When importing a GitHub repository on GitLab, a request is made to /import/github. The user is allowed to pass along a target namespace where they want to add the repository. In this process, the code will create the namespace if it doesn't exist already. However, this can be used to create a...

BtleJuice Framework - Bluetooth Smart (LE) Man-in-the-Middle Framework

BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices also known as Bluetooth Low Energy. It is composed of: an interception core an interception proxy a dedicated web interface Python and Node.js bindings How to install BtleJuice ? Installing BtleJuice...

CVE-2017-15321

Huawei FusionSphere OpenStack V100R006C000SPC102 NFV has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak...

Multiple Huawei products CIDAM protocol information leakage vulnerability

Huawei DP300 etc. are products of Huawei, China.DP300 is a videoconferencing terminal.RP200 is an all-in-one videoconferencing device.CIDAM is one of the message transfer protocols. An information disclosure vulnerability exists in the CIDAM protocol in several Huawei products due to the...

Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...

Puppet Enterprise console session vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise version. console is one of the console tools. ...

CVE-2015-8470

The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSESSIONID cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session...

Schneider Electric Pelco VideoXpert Missing Encryption Of Sensitive Information

Summary VideoXpert is a video management solution designed for scalability, fitting the needs surveillance operations of any size. VideoXpert Ultimate can also aggregate other VideoXpert systems, tying multiple video management systems into a single interface. Description The software transmits...

Uber: The Microsoft Store Uber App Does Not Implement Server-side Token Revocation

Summary The Microsoft Store Uber App Windows Phone Architecture does not properly revoke or expire a rider's x-uber-token upon app signout. Security Impact When a user logs out/signs off of the app, the logout process is handled only locally on the application side, and without any type of...

Unauthorized Access Vulnerability in Xiao Feng Air Ching App Android Version

Ltd. developed with the work of the Xiao Feng Air Dorothy system APP, mainly used to monitor the indoor air quality and Xiao Feng Air Dorothy internal and external machine running status, monitoring items including PM2.5, formaldehyde, oxygen, temperature and humidity, and can be through the APP...

Xiaofeng Air Ching App for Android has an overstepping loophole

Ltd. developed with the work of the Xiao Feng Air Dorothy system APP, mainly used to monitor the indoor air quality and Xiao Feng Air Dorothy internal and external machine running status, monitoring items including PM2.5, formaldehyde, oxygen, temperature and humidity, and can be through the APP...