Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-1552

Malware in sbrugna...

7.5CVSS6.1AI score0.01146EPSS
Exploits4References4
NVD
NVD
added 2017/05/11 6:29 p.m.22 views

CVE-2016-10370

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs due to the digital signature, it unnecessarily increases the attack surface, and allows for remote...

7.5CVSS6.4AI score0.01146EPSS
Exploits4References3
Prion
Prion
added 2017/05/11 6:29 p.m.16 views

Design/Logic Flaw

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs due to the digital signature, it unnecessarily increases the attack surface, and allows for remote...

5CVSS7.6AI score0.01146EPSS
Exploits8References3
Cvelist
Cvelist
added 2017/05/11 6:0 p.m.23 views

CVE-2016-10370

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs due to the digital signature, it unnecessarily increases the attack surface, and allows for remote...

6.4AI score0.01146EPSS
Exploits4References3
CVE
CVE
added 2017/05/11 6:0 p.m.62 views

CVE-2016-10370

An issue linked to CVE-2016-10370 affects OnePlus OTA updaters on devices such as OnePlus 3/3T: the OTA image is delivered over HTTP without TLS, increasing the attack surface and enabling potential exploitation of other vulnerabilities (CVE-2017-5948, CVE-2017-8850, CVE-2017-8851). The root caus...

7.5CVSS6.2AI score0.01146EPSS
Exploits4References3Affected Software1
hackapp
hackapp
added 2016/04/01 9:5 a.m.8 views

OTA updater - External URLs, Possible privilege escalation, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application OTA updater published at the 'play' market has multiple vulnerabilities...

1.3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder