Lucene search
+L

291 matches found

Cvelist
Cvelist
added 2021/01/21 9:41 a.m.23 views

CVE-2020-11217

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

7.7AI score0.00205EPSS
Exploits0References1
CVE
CVE
added 2021/01/21 9:41 a.m.98 views

CVE-2020-11217

CVE-2020-11217 involves a vulnerability in the Qualcomm Snapdragon audio driver (Speaker Protection parameters) that can cause a double free or invalid memory access in the affected audio subsystem. Reported impact targets Snapdragon Compute, Connectivity, Industrial IoT, and Mobile SKUs, with th...

7.8CVSS7.7AI score0.00205EPSS
Exploits0References2Affected Software193
Wired Threat Level
Wired Threat Level
added 2020/12/28 12:0 p.m.55 views

How Your Digital Trails Wind Up in the Police’s Hands

Phone calls. Web searches. Location tracks. Smart speaker requests. They’ve become crucial tools for law enforcement, while users often are unaware...

2.2AI score
Exploits0
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.10 views

Multiple Qualcomm Products Resource Management Error Vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A resource management error vulnerability exists in...

7.8CVSS7.1AI score0.00205EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2020/09/21 3:59 p.m.56 views

Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords

Researchers have uncovered a threat group launching surveillance campaigns that target victims’ personal device data, browser credentials and Telegram messaging application files. One notable tool in the group’s arsenal is an Android malware that collects all two-factor authentication 2FA securit...

0.9AI score
Exploits0References4
CNVD
CNVD
added 2020/09/16 12:0 a.m.20 views

Xiaomi AI speaker Rom buffer overflow vulnerability

Xiaomi AI speaker Rom is a smart speaker device from Chinese company Xiaomi. A buffer overflow vulnerability exists in versions prior to Xiaomi AI speaker Rom 1.59.6, which originates from a memory overflow during the OTA process that can be exploited by an attacker to validate malicious firmware...

9.8CVSS9.6AI score0.01214EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 2:15 p.m.20 views

CVE-2020-14096

Memory overflow in Xiaomi AI speaker Rom version 1.59.6 can happen when the speaker verifying a malicious firmware during OTA process...

9.8CVSS0.01214EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 2:15 p.m.5 views

CVE-2020-14096

Memory overflow in Xiaomi AI speaker Rom version 1.59.6 can happen when the speaker verifying a malicious firmware during OTA process...

9.8CVSS7.3AI score0.01214EPSS
Exploits0References1
Prion
Prion
added 2020/09/11 2:15 p.m.20 views

Design/Logic Flaw

Memory overflow in Xiaomi AI speaker Rom version 1.59.6 can happen when the speaker verifying a malicious firmware during OTA process...

7.5CVSS9.5AI score0.01214EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/09/11 1:36 p.m.50 views

CVE-2020-14096

The provided connected documents describe a memory overflow in the Xiaomi AI speaker Rom versions older than 1.59.6 that can occur when verifying a malicious firmware during OTA. The vulnerability is characterized with a CRITICAL impact (CVSSv3.1: 9.8) and affects the OTA verification path; explo...

9.8CVSS9.6AI score0.01214EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/11 1:36 p.m.14 views

CVE-2020-14096

Memory overflow in Xiaomi AI speaker Rom version 1.59.6 can happen when the speaker verifying a malicious firmware during OTA process...

9.7AI score0.01214EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/20 12:0 a.m.2 views

Guangzhou Suoai Digital Technology Co., Ltd Suoai Smart Payment Speaker E-50 has a logic flaw vulnerability

The Sony Ericsson Group is a high-tech conglomerate that specializes in Bluetooth headphones, LCD TVs, smart audio, Bluetooth stereos, Karaoke entertainment devices, cell phones, amplifiers and other verticals based on multimedia series products. Guangzhou Suoai Digital Technology Co. Suoai Smart...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/07/02 12:0 a.m.7 views

Unspecified vulnerability in Linkplay firmware

The Anker Zolo Halo is a smart speaker from Anker Philippines. A security vulnerability exists in the Linkplay firmware. An attacker can exploit the vulnerability to execute code...

10CVSS7AI score0.07625EPSS
Exploits1
CNVD
CNVD
added 2020/07/02 12:0 a.m.8 views

Unspecified vulnerability in Linkplay firmware

The Anker Zolo Halo is a smart speaker from Anker Philippines. A security vulnerability exists in the Linkplay firmware. An attacker can exploit the vulnerability to execute code...

9.3CVSS7AI score0.0289EPSS
Exploits1
CVE
CVE
added 2020/07/01 7:21 p.m.52 views

CVE-2019-15311

CVE-2019-15311 affects Zolo Halo devices via the Linkplay firmware. The vulnerability resides in the GoAhead web server running on port 80, with the /httpapi.asp endpoint exposing multiple command-execution flaws that enable LAN remote code execution. Multiple connected sources corroborate a GoAh...

10CVSS9.9AI score0.07625EPSS
Exploits1References3Affected Software1
Malwarebytes
Malwarebytes
added 2020/05/11 3:15 p.m.52 views

Lock and Code S1Ep6: Recognizing facial recognition’s flaws with Chris Boyd

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst at Malwarebytes, about facial recognition technology—its early history, its proven failures at accuracy, an...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/05/04 11:51 a.m.11 views

New Malware Jumps Air-Gapped Devices by Turning Power-Supplies into Speakers

Cybersecurity researcher Mordechai Guri from Israel's Ben Gurion University of the Negev recently demonstrated a new kind of malware that could be used to covertly steal highly sensitive data from air-gapped and audio-gapped systems using a novel acoustic quirk in power supply units that come wit...

5.8AI score
Exploits0
CNVD
CNVD
added 2020/04/09 12:0 a.m.6 views

Xiaomi Xiao AI Speaker Pro LX06 Input Validation Error Vulnerability

Xiaomi Xiao AI Speaker Pro LX06 is a smart speaker from Chinese company Xiaomi Technology Xiaomi. An input validation error vulnerability exists in the Xiaomi Xiao AI Speaker Pro LX06 version 1.58.10. The vulnerability can be exploited by activating failsafe mode and using the miconsole command t...

7.2CVSS6.8AI score0.00549EPSS
Exploits1
CNVD
CNVD
added 2020/04/09 12:0 a.m.7 views

Xiaomi Xiao AI Speaker Pro LX06 Input Validation Error Vulnerability

The Xiaomi Xiao AI Speaker Pro LX06 is a smart speaker from Chinese company Xiaomi Technology Xiaomi. An input validation error vulnerability exists in Xiaomi Xiao AI Speaker Pro LX06 version 1.52.4. The vulnerability can be exploited to obtain a root shell by accessing the UART interface, which...

7.2CVSS6.6AI score0.0052EPSS
Exploits1References1
OSV
OSV
added 2020/04/08 6:15 p.m.6 views

CVE-2020-10262

An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the miconsole command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can i read Wi-Fi SSID or password, ...

6.8CVSS6.8AI score0.00549EPSS
Exploits1References3
Rows per page
Query Builder