Lucene search

K

Luna Security Vulnerabilities

cve
cve

CVE-2023-25824

Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU resources. This...

7.5CVSS

7.3AI Score

0.001EPSS

2023-02-23 10:15 PM
35
cve
cve

CVE-2021-41849

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information (PII) in plaintext using HTTP to servers located in China: user's list of installed apps and device International Mobile Equipment Identity (IMEI). This PII is transmitted.....

5.5CVSS

5.4AI Score

0.001EPSS

2022-03-11 11:15 PM
62
cve
cve

CVE-2021-41850

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located.....

7.8CVSS

7.5AI Score

0.001EPSS

2022-03-11 11:15 PM
78
cve
cve

CVE-2021-41848

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It mishandles software updates such that local third-party apps can provide a spoofed software update file that contains an arbitrary shell script and arbitrary ARM binary, where both will be executed as the root user with an...

7.8CVSS

7.8AI Score

0.002EPSS

2022-03-11 11:15 PM
65