14 matches found
EUVD-2019-7147
Malware in sbrugna...
EUVD-2019-6429
Malware in sbrugna...
CVE-2019-15428
The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...
CVE-2019-15428
The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...
Design/Logic Flaw
The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...
CVE-2019-15428
The CVE-2019-15428 entry refers to a vulnerability in the Xiaomi Mi Note 2 where a pre-installed app (com.miui.powerkeeper, versionCode 40000, versionName 4.0.00) enables unauthorized wireless settings modification via a confused deputy attack. Affected device builds are Xiaomi/scorpio/scorpio:6....
CVE-2019-15428
The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...
CVE-2019-16401
The CVE-2019-16401 entry concerns Samsung Galaxy S8 Plus, Galaxy S3, and Galaxy Note 2 devices. These devices allegedly allow injection of AT+CIMI and AT+CGSN over Bluetooth, exposing sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength...
CVE-2019-16400
Samsung Galaxy S8 plus Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3, Samsung Galaxy S3 Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8, and Samsung...
Samsung Exynos芯片内核device /dev/exynos-mem本地权限提升漏洞
BUGTRAQ ID: 56955 Exynos是韩国三星电子基于ARM构架处理器品牌。 Samsung Exynos在内核设备/dev/exynos-mem内存在安全漏洞,此设备允许所有用户读写所有物理内存,导致攻击者获取系统的root访问权限。/dev/exynos-mem用于图形处理,例如照相机、图形内存分配、hdmi等。多个设备受到影响:Samsung Galaxy S2、Samsung Galxy Note 2、MEIZU MX、所有嵌入了exynos处理器(4210和4412)的设备。有3个库使用了/dev/exynos-mem:...
CVE-2012-6422
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...
Code injection
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...
CVE-2012-6422
The CVE-2012-6422 entry concerns the kernel on certain Android devices (Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly others) using weak permissions (0666) on /dev/exynos-mem when running an Exynos 4210/4412, enabling an attacker to read or write arbitrary physical memory and achieve p...
CVE-2012-6422
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...