30 matches found
EUVD-2019-16301
Malware in sbrugna...
CVE-2019-6743
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
HUMINT in a cyber world
TL;DR HUMINT / Human Intelligence is gathered from a person in the location in question. It’s the sort of information we think of in the context of spying. A modern intelligence apparatus is multi-discipline with many different collection methods. HUMINT sources include officers, agents, diplomat...
Xiaomi Mi6 Browser Authorization Bypass Vulnerability
Xiaomi Mi6 Browser is a web browser from Xiaomi Technology Xiaomi, a Chinese company. An authorization bypass vulnerability exists in Xiaomi Mi6 Browser. An attacker can exploit this vulnerability to bypass authorization with a specially crafted HTML response...
(Pwn2Own) Xiaomi Browser Captive Portal WebView Authorization Bypass Vulnerability
This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Mi6. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the handling of HTTP...
CVE-2019-6743
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-6743
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Heap overflow
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-6743
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-6743
The CVE-2019-6743 entry relates to Xiaomi Mi6 Browser prior to 10.4.0, with a flaw in WebAssembly.Instance due to improper validation that can cause a heap-based write overflow. This enables remote code execution when a user visits a malicious page or opens a malicious file and requires user inte...
Xiaomi Mi6 Browser Information Disclosure Vulnerability
Xiaomi Mi6 Browser is a web browser from Xiaomi Technology Xiaomi, a Chinese company. An information disclosure vulnerability exists in the 'CollectValuesOrEntriesImpl' function in Xiaomi Mi6 Browser. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of the...
(Pwn2Own) Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Xiaomi Mi6 Browser Out-of-Bounds Write Vulnerability
Xiaomi Mi6 Browser is a web browser from Xiaomi Technology Xiaomi, a Chinese company. An out-of-bounds write vulnerability exists in Xiaomi Mi6 Browser, which arises from a networked system or product that does not properly validate data boundaries when performing operations in memory, and can be...
Xiaomi Mi6 Browser Remote Code Execution Vulnerability
Xiaomi Mi6 Browser is a web browser from Xiaomi Technology Xiaomi, a Chinese company. A remote code execution vulnerability exists in Xiaomi Mi6 Browser, which arises from a network system or product that does not properly validate incoming data and can be exploited by remote attackers to execute...
PT-2019-18303 · Xiaomi · Xiaomi Mi6 Browser
Name of the Vulnerable Software and Affected Versions: Xiaomi Mi6 Browser versions prior to 10.4.0 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious...
(Pwn2Own) Xiaomi Mi6 Browser WebAssembly.Instance Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(Pwn2Own) Xiaomi Mi6 Browser CalculateInstanceSizeHelper Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...
(0Day) (Pwn2Own) Xiaomi Mi6 Browser Redirect Improper Authorization Remote Code Execution Vulnerability
This vulnerability allows network adjacent attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the handling of...
(0Day) (Pwn2Own) Xiaomi Mi6 Browser downloadAndInstallApk Improper Authorization Remote Code Execution Vulnerability
This vulnerability allows network adjacent attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the handling of...
(0Day) (Pwn2Own) Xiaomi Mi6 Captive Portal Whitelist Bypass Remote Code Execution Vulnerability
This vulnerability allows network adjacent attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the handling of...