Lucene search
K

142 matches found

Cvelist
Cvelist
added 2020/04/07 3:56 p.m.26 views

CVE-2017-18648

An issue was discovered on Samsung mobile devices with KK4.4.x, L5.x, M6.x, and N7.x software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 November 2017...

9.1AI score0.00401EPSS
Exploits0References1
CVE
CVE
added 2020/04/07 3:56 p.m.50 views

CVE-2017-18648

CVE-2017-18648 affects Samsung mobile devices running KK(4.4.x) to N(7.x). The vulnerability allows arbitrary file read/write while the device is in a locked state via a crafted MTP command, indicating a flaw in how MTP is processed on this platform. The issue, reported across multiple Android ve...

9.1CVSS8.9AI score0.00401EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2020/04/06 12:0 a.m.19 views

Debian: Security Advisory (DLA-2169-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.00855EPSS
Exploits0References3
Debian
Debian
added 2020/04/05 2:48 p.m.120 views

[SECURITY] [DLA 2169-1] libmtp security update

Package : libmtp Version : 1.1.8-1+deb8u1 CVE ID : CVE-2017-9831 CVE-2017-9832 libmtp is a library for communicating with MTP aware devices. The Media Transfer Protocol commonly referred to as MTP is a devised set of custom extensions to support the transfer of music files on USB digital audio...

6.8CVSS7.6AI score0.00855EPSS
Exploits0
OSV
OSV
added 2020/03/24 6:15 p.m.6 views

CVE-2020-10845

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 February 2020...

6.4CVSS6.6AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2020/03/24 6:15 p.m.18 views

CVE-2020-10845

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 February 2020...

6.4CVSS6.5AI score0.001EPSS
Exploits0References1
Prion
Prion
added 2020/03/24 6:15 p.m.13 views

Race condition

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 February 2020...

4.4CVSS6.4AI score0.001EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/24 5:28 p.m.20 views

CVE-2020-10845

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 February 2020...

6.5AI score0.001EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2020/02/12 12:0 a.m.152 views

Samsung SEND_FILE_WITH_HEADER Use-After-Free

Samsung: UAF via missing locking in SENDFILEWITHHEADER handler in fmtpsamsung.c Tested on a Samsung A50 SM-A505FN, running build "samsung/a50xx/a50:9/PPR1.180610.011/A505FNXXS3ASK9:user/release-keys", security patch level 2019-11-01. Samsung's kernel tree contains two implementations of...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.123 views

Samsung SEND_FILE_WITH_HEADER Use-After-Free Exploit

Samsung suffers from a use-after-free vulnerability due to a missing lock in the SENDFILEWITHHEADER handler in fmtpsamsung.c. Samsung: UAF via missing locking in SENDFILEWITHHEADER handler in fmtpsamsung.c Tested on a Samsung A50 SM-A505FN, running build...

7.3AI score
Exploits0
CVE
CVE
added 2019/10/28 2:23 p.m.54 views

CVE-2019-3636

McAfee Total Protection Windows client (versions up to 16.0.R21) is affected by CVE-2019-3636, a local File Masquerade vulnerability that lets an attacker read the plaintext list of AV-Scan exclusion files from the Windows registry and potentially replace excluded files with malware without detec...

7.8CVSS7.4AI score0.00225EPSS
Exploits0References1Affected Software1
Oracle linux
Oracle linux
added 2019/05/14 12:0 a.m.142 views

qemu security update

15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...

10CVSS7.6AI score0.93838EPSS
Exploits26
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.43 views

Fedora 30 : 2:qemu (2019-0664c7724d)

fix crash with virgl enabled bz 1692323 - linux-user: make pwrite64/pread64fd, NULL, 0, offset return 0 bz 1174267 - Fix build with latest gluster bz 1684298 - CVE-2018-20123: pvrdma: memory leakage in device hotplug bz 1658964 - CVE-2018-16872: usb-mtp: path traversal issue bz 1659150 -...

7.8CVSS6.5AI score0.03725EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.70 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU vulnerabilities (USN-3923-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3923-1 advisory. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol MTP. An attacker inside the guest could u...

7.8CVSS7.2AI score0.03879EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2019/02/28 12:0 a.m.44 views

openSUSE Security Update : qemu (openSUSE-2019-254)

This update for qemu fixes the following issues : Security issues fixed : - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation bsc1123156. - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp bsc1119493. -...

7.8CVSS6.5AI score0.01075EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2019/02/27 12:0 a.m.68 views

SUSE SLES12 Security Update : qemu (SUSE-SU-2019:0489-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation bsc1123156. CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp bsc1119493. CVE-2018-19489:...

7.8CVSS6.6AI score0.02959EPSS
Exploits0References21
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/27 12:0 a.m.158 views

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2019:0254-1 Rating: important References: 1063993 1079730 1100408 1101982 1112646 1114957 1116717 1117275 1119493 1121600 1123156 1123179 Cross-References: CVE-2018-16872 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489...

7.8CVSS7.9AI score0.01075EPSS
Exploits0References12
Oracle linux
Oracle linux
added 2019/01/25 12:0 a.m.48 views

qemu security update

15:3.0.0-4.el7 - usb-mtp: use ONOFOLLOW and OCLOEXEC. Gerd Hoffmann Orabug: 29056673 CVE-2018-16872 - pvrdma: add uarread routine Prasad J Pandit CVE-2018-20191 - pvrdma: release ring object in case of an error Prasad J Pandit Orabug: 29171822 CVE-2018-20126 - pvrdma: check number of pages when...

7.5CVSS6.8AI score0.03879EPSS
Exploits0
Oracle linux
Oracle linux
added 2018/12/21 12:0 a.m.47 views

qemu security update

15:3.0.0-3.el7 - monitor: guard iothread access by mon-useiothread Wolfgang Bumiller Orabug: 29046045 - monitor: delay monitor iothread creation Wolfgang Bumiller Orabug: 29010480 - Revert 'qmp: isolate responses into io thread' Marc-Andre Lureau Orabug: 29010480 - usb-mtp: outlaw slashes in...

7.8CVSS0.6AI score0.00561EPSS
Exploits0
Oracle linux
Oracle linux
added 2018/12/21 12:0 a.m.54 views

qemu security update

15:3.0.0-3.el7 - monitor: guard iothread access by mon-useiothread Wolfgang Bumiller Orabug: 29046045 - monitor: delay monitor iothread creation Wolfgang Bumiller Orabug: 29010480 - Revert 'qmp: isolate responses into io thread' Marc-Andre Lureau Orabug: 29010480 - usb-mtp: outlaw slashes in...

7.8CVSS0.6AI score0.00561EPSS
Exploits0
Rows per page
Query Builder