EUVD-2018-19637

Malware in sbrugna...

BIT-LIBPHP-2022-31626 mysqlnd/pdo password buffer overflow

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdomysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can...

Huawei Emily-AL00A cell phone lock screen bypass vulnerability

Emily-AL00A is a smartphone launched by Huawei. A lock screen bypass vulnerability exists in the radio module of the Huawei Emily-AL00A phone. An unauthenticated attacker can exploit this vulnerability to bypass the lock screen and launch a third-party input method installed on the phone via...

Security Advisory - Lock-screen Bypass Vulnerability in Huawei Smartphones

There is a lock-screen bypass vulnerability in radio module of some Huawei smartphones. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability. Vulnerability ID: HWPSIRT-2018-04055 This vulnerability has...

Windows Vista输入法状态判断错误绕过认证漏洞

Microsoft Windows Vista是一款微软公司新开发的操作系统。 Microsoft Windows Vista提供的输入法机制存在设计问题，远程攻击者可以利用漏洞未授权访问应用系统。 一个输入法被安装到Vista系统，默认会出现在登录界面或锁屏状态中，操作系统默认应该根据自身运行状态提供不同的功能。不过Windows Vista没有正确检查当前系统登录状态，会不正确的把特权功能提供给未登录进系统的用户。在恶意用户可以接触物理终端或者通过终端服务会话访问有此漏洞系统，通过执行输入法提供的某些帮助功能可绕过访问机制，获得对系统的控制。...