CVE-2020-14292

In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone...

CVE-2020-14292

In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone...

Short beacon analysis on the NHS iOS Tracking application

We recently helped the BBC with a piece on the new NHS COVID-19 tracking application. Concerns were raised by some about the ability for the app to track interactions while it was running in the background. There had been some discussion that suggested two iOS devices running the app whilst...

x86: PKRU and BND* leakage between vCPU-s

ISSUE DESCRIPTION Memory Protection Extensions MPX and Protection Key PKU are features in newer processors, whose state is intended to be per-thread and context switched along with all other XSAVE state. Xen's vCPU context switch code would save and restore the state only if the guest had set the...

Debian DSA-3607-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2015-7515, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2187, CVE-2016-3136, CVE-2016-3137, CVE-2016-3138, CVE-2016-3140 Ralf Spenneberg...

Debian DSA-3170-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation. - CVE-2013-7421 / CVE-2014-9644 It was discovered that the Crypto API allowed unprivileged users to load arbitrary kernel modules. A local user can use...

Debian Security Advisory DSA 3170-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leaks or privilege escalation. CVE-2013-7421 / CVE-2014-9644 It was discovered that the Crypto API allowed unprivileged users to load arbitrary kernel modules. A local user can use...

Internet Bug Bounty: OpenSSH: Memory corruption in AES-GCM support

Vulnerability A memory corruption vulnerability exists in the post- authentication sshd process when an AES-GCM cipher [email protected] or [email protected] is selected during kex exchange. If exploited, this vulnerability might permit code execution with the privileges of the...

Microsoft Windows NT200020032008XPVista7 - KiTrap0D User Mode to Ring Escalation (MS10-015)

Microsoft Windows NT200020032008XPVista7 - KiTrap0D User Mode to Ring Escalation MS10-015 Exploit-DB Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/11199.zip KiTrap0D.zip E-DB Note: Make sure to run "vdmallowed.exe" pre-compiled inside the subfolder...

Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - 'KiTrap0D' User Mode to Ring Escalation (MS10-015)

Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11199.zip KiTrap0D.zip E-DB Note: Make sure to run "vdmallowed.exe" pre-compiled inside the subfolder. Microsoft Windows NT GP Trap Handler Allows Users to Switch Kernel Stack...

Fedora Core 4 : kernel-2.6.12-1.1387_FC4 (2005-510)

Wed Jun 29 2005 Dave Jones - 2.6.12.2 - Mon Jun 27 2005 Dave Jones - Disable multipath caches. 161168 - Reenable AMD756 I2C driver for x86-64. 159609 - Add more IBM r40e BIOS's to the C2/C3 blacklist. - Thu Jun 23 2005 Dave Jones - Make orinoco driver suck less. Scanning/roaming/ethtool support...