EUVD-2018-2572

Malware in sbrugna...

firefox: DOM push subscription message could hang Firefox

The Mozilla Foundation's Security Advisory: By sending a specially crafted push message, a remote server could hang the parent process, causing the browser to become unresponsive...

SUSE CVE-2023-6868

In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. This bug only affects Firefox on Android. This vulnerability affects Firefox 121...

SharkBot Banking Trojan Resurfaces On Google Play Store Hidden Behind 7 New Apps

As many as seven malicious Android apps discovered on the Google Play Store masqueraded as antivirus solutions to deploy a banking trojan called SharkBot. "SharkBot steals credentials and banking information," Check Point researchers Alex Shamshur and Raman Ladutska said in a report shared with T...

CVE-2022-24125

The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...

PT-2022-16479 · Fromsoftware · Dark Souls Iii

Name of the Vulnerable Software and Affected Versions: Dark Souls III versions through 2022-03-19 Description: The matchmaking servers allow remote attackers to send arbitrary push requests to clients via a "RequestSendMessageToPlayers" request. This issue is restricted on the client side and can...

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

CVE-2018-10500

This CVE affects Samsung Galaxy Apps. The vulnerability lies in handling push messages, enabling a local attacker who already has low-privilege code execution to start an activity with controlled arguments and escalate privileges to protected resources. Affected component: Samsung Galaxy Apps (An...

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

Samsung Galaxy Apps Privilege Access Control Vulnerability

Samsung Galaxy Apps is an application store program from Samsung South Korea that is used in Samsung cell phones. A privilege access control vulnerability exists in the handling of push messages in Samsung Galaxy Apps. A local attacker could exploit this vulnerability by obtaining execute...

Samsung Galaxy Apps Activity Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling o...

Unauthorized Modification Vulnerability in Samsung Galaxy S4 to S7 Devices

The Samsung Galaxy S4 and others are smart mobile devices released by the South Korean company Samsung Samsung. An unauthorized modification vulnerability exists in Samsung Galaxy S4 to S7 devices. The vulnerability stems from the program ignoring security information embedded in OMACP messages. ...