EUVD-2018-5988

Malware in sbrugna...

EUVD-2021-15852

Malware in sbrugna...

OESA-2025-1301 syslinux security update

The Syslinux Project covers lightweight bootloaders for MS-DOS FAT filesystems SYSLINUX, network booting PXELINUX, bootable "El Torito" CD-ROMs ISOLINUX, and Linux ext2/ext3/ext4 or btrfs filesystems EXTLINUX. The project also includes MEMDISK, a tool to boot legacy operating systems such as DOS...

Fedora: Security Advisory for blender (FEDORA-2023-a5e10b188a)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-29213

A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitiv...

CVE-2021-29213

A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitiv...

CVE-2020-14097

Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affects Xiaomi router AX6 ROM version 1.0.18...

libvirt security update

5.7.0-15.el7 - qemu: Escape the qemu driver systemd DOT hoax Wim ten Have Orabug: 31380815 5.7.0-14.el7 - vmx: make 'fileName' optional for CD-ROMs Pino Toscano Orabug: 31350200 - vmx: shortcut earlier few 'ignore' cases in virVMXParseDisk Pino Toscano Orabug: 31350200 - domain group: Fix a...

CVE-2018-14066

The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READSMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo...

emuparadise.me XSS vulnerability

Vulnerable URL: https://www.emuparadise.me/roms/search.php/"'--!...

OnePlus OTA OxygenOS/HydrogenOS Crossover Vulnerability(CVE-2017-8850)

Products OnePlus 3T OnePlus 3 OnePlus 2 OnePlus X OnePlus One Vulnerable Version All OnePlus OxygenOS & HydrogenOS OTAs Technical Details Due to lenient updater-script in the OnePlus OTA images see below, and the fact both ROMs use the same OTA verification keys, attackers can install HydrogenOS...

CVE-2017-8850

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to a lenient updater-script in the OnePlus OTA images, and the fact that both ROMs use the same OTA verification keys, attackers can install HydrogenOS over OxygenOS and vice versa, even on locked bootloaders, which allows for...

emuparadise.me XSS vulnerability

Vulnerable URL: https://www.emuparadise.me/roms/search.php/"'--!...

Android sensord Local Root

/ Android sensord 0day root exploit by s0m3b0dy tested on LG L7 PL need pentests? s0m3b0dy1atgmail.com some Android devices have sensord deamon, for some ROMs the deamon is running as root processthere we can use this exploit and --------- root@android:/ strace sensord...

How to Root Windows Phone and Unlock the Bootloader to Install Custom ROMs

Yes, Now it is possible to unlock a Windows Lumia Phone for Root Access and run custom ROMs. Both Microsoft as well as Nokia have made Windows Lumia smartphones difficult to break into at a low-level by locking down their bootloaders, but a software hacker, who go by the name HeathCliff, has just...

Apple Patches Thunderstrike Bug in OSX, Fixes More Than 30 Flaws in iOS

Apple has released major security updates for both OS X and iOS that includes patches for a number of bugs that could lead to arbitrary code execution. The release of iOS 8.1.3 fixes a vulnerability that allowed an attacker to bypass the sandbox restrictions in Safari and the OS X update fixes a...

CoolReaper Backdoor Found On CoolPad Android Mobile Devices

A popular Android smartphone sold primarily in China and Taiwan but also available worldwide, contains a backdoor from the manufacturer that is being used to push pop-up advertisements and install apps without users’ consent. The Coolpad devices, however, are ripe for much more malicious abuse,...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2378-1)

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...

Ubuntu: Security Advisory (USN-2375-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 4 : autofs5 (ELSA-2007-1177)

From Red Hat Security Advisory 2007:1177 : Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The autofs utility controls the...