1830 matches found
MediaTek 芯片 安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company called Mediatek. A security vulnerability exists in the MediaTek chips that allows exposure of sensitive information to unauthorized participants in the seninf driver...
CVE-2021-33088
Incorrect default permissions in the installer for the IntelR NUC M15 Laptop Kit Integrated Sensor Hub driver pack before version 5.4.1.4449 may allow an authenticated user to potentially enable escalation of privilege via local access...
sensorinstruments.de Cross Site Scripting vulnerability OBB-2215868
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-30315
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
Input validation
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
CVE-2021-30315
CVE-2021-30315 concerns improper handling of the sensor HAL structure in the absence of the sensor, leading to a use-after-free condition in Snapdragon Auto. Public documentation reiterates the root cause as sensor HAL mismanagement and lists Qualcomm’s sensor subsystem as the affected area. Conn...
CVE-2021-30315
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto...
maltrail
This is a Python-based malicious traffic detection system called Maltrail. It is designed to identify and report malicious traffic, including malware, suspicious domains, and other types of malicious activity. The system uses a combination of publicly available blacklists and custom user-defined...
Qualcomm 多款产品资源管理错误漏洞
The Qualcomm QCA6574AU is a central processing unit CPU product from Qualcomm Incorporated USA. A resource management error vulnerability exists in multiple Qualcomm products, which is triggered by mishandling the sensor HAL structure in the absence of a sensor. The following products and version...
The vulnerability of U.motion’s sensor panel’s microprogramming software lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of U.motion’s sensor panel’s microprogramming software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
New Glowworm Attack Recovers Device's Sound from Its LED Power Indicator
A novel technique leverages optical emanations from a device's power indicator LED to recover sounds from connected peripherals and spy on electronic conversations from a distance of as much as 35 meters. Dubbed the "Glowworm attack," the findings were published by a group of academics from the...
CVE-2021-38545
Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38548
JBL Go 2 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a...
CVE-2021-38548
JBL Go 2 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a...
CVE-2021-38546
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensit...
CVE-2021-38549
MIRACASE MHUB500 USB splitters through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38543
TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38545
Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38546
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensit...
CVE-2021-38547
Logitech Z120 and S120 speakers through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the...