Samsung 'Find My Mobile' Flaw Allows Hacker to Remotely Lock Your Device

The National Institute of Standards and Technology NIST is warning users of a newly discovered Zero-Day flaw in the Samsung Find My Mobile service, which fails to validate the sender of a lock-code data received over a network. The Find My Mobile feature implemented by Samsung in their devices is...

CVE-2014-4438

Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted...

Race condition

Race condition in LoginWindow in Apple OS X before 10.10 allows physically proximate attackers to obtain access by leveraging an unattended workstation on which screen locking had been attempted...

Kernel: mm: try_to_unmap_cluster() should lock_page() before mlocking

It was found that the trytounmapcluster function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUGON macro in the mlockvmapage function. A local, unprivileged user could use this flaw to crash the system...

CVE-2014-4368

The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events...

Design/Logic Flaw

The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events...

CVE-2014-4368

The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events...

CVE-2014-4368

The CVE-2014-4368 entry concerns Apple iOS prior to version 8, where a logic issue in the Accessibility subsystem affecting AssistiveTouch event handling could interfere with screen locking. In practical terms, this means that under certain AssistiveTouch-related sequences, the device may fail to...

Sendmail 8.9.x/8.10.x/8.11.x/8.12.x File Locking Denial of Service Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on...

PT-2017-6406 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.15.2 Description: A race condition in the ip4 datagram release cb function allows local users to gain privileges or cause a denial of service use-after-free by leveraging incorrect expectations about locking...

openSUSE Security Update : kernel (openSUSE-SU-2011:0861-1)

The openSUSE 11.3 kernel was updated to 2.6.34.10 to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or...

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0777-1)

java-160-openjdk was updated to 1.12.5 bnc817157 - Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework...

[SECURITY] [DSA 2926-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2926-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 12, 2014 http://www.debian.org/security/faq -...

Debian DSA-2926-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation : - CVE-2014-0196 Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation. - CVE-2014-173...

[SECURITY] [DSA 2926-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2926-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 12, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2926-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation: CVE-2014-0196 Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation. CVE-2014-1737 /...

DEBIAN-CVE-2014-3122

The trytounmapcluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service system crash by triggering a memory-usage pattern that requires removal of page-table mappings...

mysql: unspecified vulnerability related to Locking DoS (CPU Jan 2014)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking...

mysql: unspecified vulnerability related to Locking DoS (CPU Jan 2014)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking...

Mandriva Linux Security Advisory : mariadb (MDVSA-2014:028)

Multiple vulnerabilities has been discovered and corrected in mariadb : Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service crash and possibly execute arbitrary code via a long server version string CVE-2014-0001...