186 matches found
qualcomm_avb_exploit_poc
qualcommavbexploitpoc PoC for a Qualcomm ABL bootloader un...
CVE-2025-48651
In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be restricted due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
XML External Entity (XXE) Injection
Apache Syncope Console is vulnerable to XML External Entity XXE injection. The vulnerability is due to improper restriction of external entity references in XML processing, where an authenticated administrator can submit malicious XML in Keymaster parameters via the Console, leading to sensitive...
XML External Entity (XXE) Injection
Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection on Keymaster parameters in XML format. An attacker can access sensitive information by submitting crafted XML data containing external entity references. Details XXE Injection is a type of attack agains...
Apache Syncope: Console XXE on Keymaster parameters
Improper Restriction of XML External Entity Reference vulnerability in Apache Syncope Console. An administrator with adequate entitlements to create or edit Keymaster parameters via Console can construct malicious XML text to launch an XXE attack, thereby causing sensitive data leakage occurs. Th...
GHSA-73F3-RQQF-2J54 Apache Syncope: Console XXE on Keymaster parameters
Improper Restriction of XML External Entity Reference vulnerability in Apache Syncope Console. An administrator with adequate entitlements to create or edit Keymaster parameters via Console can construct malicious XML text to launch an XXE attack, thereby causing sensitive data leakage occurs. Th...
CVE-2026-23795
Improper Restriction of XML External Entity Reference vulnerability in Apache Syncope Console. An administrator with adequate entitlements to create or edit Keymaster parameters via Console can construct malicious XML text to launch an XXE attack, thereby causing sensitive data leakage occurs. Th...
CVE-2026-23795
CVE-2026-23795 describes an XML External Entity (XXE) vulnerability in the Apache Syncope Console. An administrator with sufficient entitlements to create or edit Keymaster parameters can craft malicious XML text to trigger XXE, potentially leaking sensitive data. Affected versions: Apache Syncop...
CVE-2026-23795 Apache Syncope: Console XXE on Keymaster parameters
Improper Restriction of XML External Entity Reference vulnerability in Apache Syncope Console. An administrator with adequate entitlements to create or edit Keymaster parameters via Console can construct malicious XML text to launch an XXE attack, thereby causing sensitive data leakage occurs. Th...
CVE-2019-20607
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ...
org.apache.syncope.core:syncope-core-metrics-starter (=4.0.2), org.apache.syncope.core:syncope-core-self-keymaster-starter (>=4.0.0 <=4.0.2) potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-starter (>=4.0.0-M0 <=4.0.2)
org.apache.syncope.core:syncope-core-starter MAVEN version =4.0.0-M0, =4.0.0, =4.0.2 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105145...
org.apache.syncope.core:syncope-core-self-keymaster-starter (>=3.0.0 <=3.0.14) potentially affected by CVE-2025-65998 via org.apache.syncope.core:syncope-core-starter (>=3.0.0-M0 <=3.0.14)
org.apache.syncope.core:syncope-core-starter MAVEN version =3.0.0-M0, =3.0.0, =3.0.14 Source cves: CVE-2025-65998 Source advisory: SNYK:JAVA-ORGAPACHESYNCOPECORE-14105145...
EUVD-2019-11147
Malware in sbrugna...
EUVD-2018-17636
Malware in sbrugna...
EUVD-2019-5344
Malware in sbrugna...
EUVD-2018-13581
Malware in sbrugna...
EUVD-2019-18725
Malware in sbrugna...
EUVD-2014-9778
Malware in sbrugna...
EUVD-2019-2419
Malware in sbrugna...
EUVD-2021-12386
Malware in sbrugna...