21 matches found
EUVD-2017-16185
Malware in sbrugna...
EUVD-2024-24525
Malicious code in bioql PyPI...
EUVD-2023-57762
Malicious code in bioql PyPI...
EUVD-2023-38022
Malicious code in bioql PyPI...
CVE-2023-5447
Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App...
CVE-2024-27301
Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...
CVE-2023-5447 Use-After-Free in Service for Hardware Support App for Fingerprint Driver
Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App...
CVE-2024-27301
Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...
CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp
Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang !/bin/zsh is being used...
CVE-2024-27301
CVE-2024-27301 affects Support App (Apple devices management). The root cause is in the postinstall installer script using shebang #!/bin/zsh, which prompts for root credentials but executes within the user’s HOME, loading $HOME/.zshenv; an attacker can inject code into that file to gain root pri...
Support App Security Vulnerability
Support App is an open source application designed to manage Apple devices. A security vulnerability exists in Support App prior to version 2.5.1 Rev 2, which originates from a security flaw in the installer script that allows the installer to execute arbitrary code as root...
PT-2023-24525 · Intel · Intel(R) Support
Name of the Vulnerable Software and Affected Versions: Intel Support android application affected versions not specified Description: The issue is related to improper access control, which may allow an authenticated user to potentially enable information disclosure via local access...
Information disclosure
Incorrect default permissions in the IntelR Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access...
PT-2023-4406 · Intel · Intel(R) Support
Name of the Vulnerable Software and Affected Versions: IntelR Support android application versions prior to v23.02.07 Description: The issue is related to incorrect default permissions in the IntelR Support android application, which may allow a privileged user to potentially enable information...
CVE-2022-36367
Incorrect default permissions in the IntelR Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2022-36367
Incorrect default permissions in the IntelR Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2022-27500
Incorrect default permissions for the IntelR Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2018-17389
CVE-2018-17389 describes a CSRF flaw in the Live Call Support Application version 1.5, specifically in server.php, that allows adding an admin account. The root cause is a Cross-Site Request Forgery vulnerability that can enable unauthorized admin account creation without user interaction beyond ...
CVE-2017-7147
An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is affected. The issue involves the "Analytics" component. It allows remote attackers to obtain sensitive analytics information by leveraging its presence in a cleartext HTTP transmission to an Adobe...
CVE-2017-7147
An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is affected. The issue involves the "Analytics" component. It allows remote attackers to obtain sensitive analytics information by leveraging its presence in a cleartext HTTP transmission to an Adobe...