Lucene search
K

142 matches found

Fedora
Fedora
added 2017/07/07 11:19 p.m.22 views

[SECURITY] Fedora 26 Update: libmtp-1.1.13-1.fc26

This package provides a software library for communicating with MTP Media Transfer Protocol media players, typically audio players, video players etc...

6.8CVSS4.5AI score0.00855EPSS
Exploits0
NVD
NVD
added 2017/07/07 5:29 p.m.26 views

CVE-2014-7954

Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. dot dot in a name parameter of an M...

4.6CVSS4.6AI score0.00357EPSS
Exploits0References4
Prion
Prion
added 2017/07/07 5:29 p.m.20 views

Directory traversal

Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. dot dot in a name parameter of an M...

2.1CVSS6.9AI score0.00357EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/07/07 5:0 p.m.46 views

CVE-2014-7954

The CVE-2014-7954 entry concerns Android 4.4.4 where the MTP path traversal vulnerability lies in MtpServer.cpp (doSendObjectInfo). The issue allows physically proximate attackers connected to the device to upload files outside the sdcard by crafting an MTP request with a .. in the name parameter...

4.6CVSS5.1AI score0.00357EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/07/07 5:0 p.m.26 views

CVE-2014-7954

Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. dot dot in a name parameter of an M...

4.9AI score0.00357EPSS
Exploits0References4
hackapp
hackapp
added 2016/04/01 9:18 a.m.13 views

MTP Ringtones & Wallpapers - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application MTP Ringtones & Wallpapers published at the 'play' market has multiple vulnerabilities...

1.8AI score
Exploits0References1Affected Software1
FireEye
FireEye
added 2016/01/13 7:57 a.m.19 views

The Dangers of Downloads: Securing Mobile Devices in 2016

In 2015, mobile malware attacks were on the rise; from 2014 to 2015 we saw an increase of 61% in the number of these attacks. Malware has a clear progression path; it starts out targeting unsuspecting users who are likely to open unknown attachments or install unknown applications. The primary...

1.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2015/12/14 7:7 p.m.4 views

CVE-2015-7946

Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1...

7.3CVSS5.6AI score0.00366EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2015/04/19 12:0 a.m.54 views

CVE-2014-7954 MTP path traversal vulnerability in Android

MTP path traversal vulnerability in Android 4.4 ----------------------------------------------- doSendObjectInfo method of the MtpServer class implemented in frameworks/av/media/mtp/MtpServer.cpp does not validate the name parameter of the incoming MTP packet at all. It is possible to upload file...

2.1CVSS0.4AI score0.00357EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/04/10 12:0 a.m.24 views

Google Android Operating System < 5.0.0 Multiple Vulnerabilities

Binary data 8665.prm...

7.2CVSS5.6AI score0.24534EPSS
Exploits9References8
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2014/10/07 12:0 a.m.37 views

Stable Channel Update for Chrome OS

The Stable channel has been updated to 38.0.2125.101 Platform version: 6158.49.0, 6158.56.0 for all Chrome OS devices except Chromeboxes. This build contains a number of bug fixes, security updates and feature enhancements. Systems will be receiving updates over the next several days. Here is a...

10CVSS9.5AI score0.05999EPSS
Exploits0Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

MTP Guestbook 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Guestbook allows you to put a guestbook on your website. Your visitors can sign it and leave a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Mtp-Target 1.2.2 Client Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13460/info A remote format string vulnerability affects Mtp-Target Client. This issue is due to a failure of the application to securely call a formatted printing function. An attacker may leverage this issue to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

MTP Image Gallery 1.0 (edit_photos.php, title param) - XSS Vulnerability

No description provided by source. ?!-- MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Image Gallery offers more control, better uploading and enhanced performance. With MTP Image...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Mtp-Target Server 1.2.2 Memory Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13463/info The Mtp-Target server is prone to a memory corruption vulnerability. The issue exists because a comparison fails to ensure that an integer value parameter retrieved from a client is signed. A check is made to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

MTP Poll 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...

7.1AI score
Exploits0
OSV
OSV
added 2014/03/11 1:1 p.m.1 views

DEBIAN-CVE-2014-2282

The dissectprotocoldataparameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted SS7 MTP3 packet...

4.3CVSS7.2AI score0.02079EPSS
Exploits1References1
0day.today
0day.today
added 2013/02/26 12:0 a.m.36 views

MTP Image Gallery 1.0 XSS Vulnerability

Exploit for php platform in category web applications MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input type=...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/02/26 12:0 a.m.28 views

MTP Guestbook 1.0 - Multiple XSS Vulnerabilities

Exploit for php platform in category web applications MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / form method="POST" action="http://localhost/mtpguestbook/inse...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2013/02/26 12:0 a.m.32 views

MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities

MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="ins...

0.2AI score
Exploits0
Rows per page
Query Builder