CVE-2023-30024

The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the original software with a malicious version, leading to ransomware deployment on the host computer...

PT-2023-22514 · Magicjack · Magicjack A921 Usb Phone Jack

Name of the Vulnerable Software and Affected Versions: MagicJack A921 USB Phone Jack versions prior to Rev 3.0 V1.4 Description: The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can...

McAfee Total Protection Information Disclosure Vulnerability

McAfee Total Protection MTP is a suite of antivirus software from the American company McAfee. An information disclosure vulnerability exists in McAfee MTP 16.0.R21 and prior versions, which can be exploited by an attacker to read the plaintext list of AV-Scan excluded files from the Windows...

CVE-2019-3636

A File Masquerade vulnerability in McAfee Total Protection MTP version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Windows registry, and to possibly replace excluded files with potential malware without being detected...

gfe-sass Remote Code Execution Vulnerability

gfe-sass is a sass library. A security vulnerability exists in gfe-sass that originates when a program downloads a binary file over an unencrypted HTTP link. An attacker could exploit this vulnerability by intercepting the response and replacing the requested binary with a malicious executable fi...