Broadcom: Heap overflow in "wl_iw_get_essid" when handling WLC_GET_SSID ioctl results (CVE-2017-0570)
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On Android devices, the "bcmdhd" driver is used....
7.3AI Score
0.002EPSS
Broadcom: Multiple memory corruptions in "bcmdhd" when handling WLFC information (CVE-2017-0571)
Detailed analysis: https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html Broadcom produces the Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer...
7.4AI Score
0.002EPSS
Broadcom produces the Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. One of the events handled by the BCM...
9.6AI Score
0.201EPSS
Broadcom Wi-Fi SoC - dhd_handle_swc_evt Heap Overflow Exploit
Exploit for hardware platform in category remote...
-1.1AI Score
0.003EPSS
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Exploit
Exploit for hardware platform in category remote...
9.2AI Score
0.201EPSS
Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE (CVE-2017-0561)
Detailed analysis: https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html Posted by Gal Beniamini, Project Zero It's a well understood fact that platform security is an integral part of the security of complex systems. For mobile devices, this statement rings even truer; modern....
10AI Score
0.201EPSS
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On Android devices, the "bcmdhd" driver is used....
7.2AI Score
0.002EPSS
Broadcom: Heap overflow in "dhd_handle_swc_evt" (CVE-2017-0569)
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On Android devices, the "bcmdhd" driver is used.....
7.3AI Score
0.003EPSS
Broadcom: Stack buffer overflow when handling 802.11r (FT) authentication response (CVE-2017-6975)
Detailed analysis, for reference: Part I: https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html Part II: https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html Broadcom produces the Wi-Fi HardMAC SoCs which are used...
7.3AI Score
0.004EPSS
Broadcom Wi-Fi SoC - Heap Overflow in wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm
Exploit for hardware platform in category dos /...
-0.6AI Score
0.201EPSS
Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air
Millions of smartphones and smart gadgets, including Apple iOS and many Android handsets from various manufacturers, equipped with Broadcom Wifi chips are vulnerable to over-the-air hijacking without any user interaction. Just yesterday, Apple rushed out an emergency iOS 10.3.1 patch update to...
8.2AI Score
Broadcom Wi-Fi SoC - Heap Overflow wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm...
-0.6AI Score
Broadcom Wi-Fi SoC - dhd_handle_swc_evt Heap Overflow
Broadcom Wi-Fi SoC - dhd_handle_swc_evt Heap...
-0.5AI Score
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap...
-0.6AI Score
Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1)
Posted by Gal Beniamini, Project Zero It’s a well understood fact that platform security is an integral part of the security of complex systems. For mobile devices, this statement rings even truer; modern mobile platforms include multiple processing units, all elaborately communicating with one...
8AI Score
Broadcom: Stack buffer overflow when parsing CCKM reassociation response (CVE-2017-6957)
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. In order to allow fast roaming between access...
8.6AI Score
0.117EPSS
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE...
8.1CVSS
8.4AI Score
0.117EPSS
kernel security, bug fix, and enhancement update
[2.6.32-696.OL6] - Update genkey [bug 25599697] [2.6.32-696] - [net] dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Hannes Frederic Sowa) [1424628] {CVE-2017-6074} [2.6.32-695] - [block] nvme: Dont poll device being removed (David Milburn) [1422521] [2.6.32-694] - [fs] posix_acl: Clear SGID....
9.8CVSS
AI Score
0.736EPSS
Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities
Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple...
0.5AI Score
0.013EPSS
Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities
Solare Datensysteme GmbH Solar-Log versions 250, 300, 500, 800e, 1000, 1000 PM+, 1200, and 2000 suffer from cross site request forgery, cross site scripting, file upload, information disclosure, and denial of service...
6.9AI Score
Microsoft Started Blocking Windows 7/8.1 Updates For PCs Running New Processors
You might have heard the latest news about Microsoft blocking new security patches and updates for Windows 7 and Windows 8.1 users running the latest processors from Intel, AMD, Qualcomm, and others. Don't panic, this new policy doesn't mean that all Windows 7 and 8.1 users will not be able to...
6.8AI Score
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML...
4.3CVSS
5.8AI Score
0.006EPSS
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML...
4.3CVSS
5AI Score
0.006EPSS
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML...
5.2AI Score
0.006EPSS
A Simple JavaScript Exploit Bypasses ASLR Protection On 22 CPU Architectures
Security researchers have discovered a chip flaw that could nullify hacking protections for millions of devices regardless of their operating system or the applications running on them and, worse, the flaw cannot be entirely fixed with any mere software update. The vulnerability resides in the...
6.7AI Score
0.971EPSS
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML...
4.3CVSS
3.1AI Score
0.006EPSS
Router Vulnerabilities Disclosed in July Remain Unpatched
Details on serious vulnerabilities in a number of routers freely distributed by a major Thai ISP were published on Monday after private disclosures made to the vendors in July went unanswered. Researcher Pedro Ribeiro of Agile Information Security found accessible admin accounts and command...
0.4AI Score
Google Patches 29 Critical Android Vulnerabilities Including Holes in Mediaserver, Qualcomm
Google has patched ten critical vulnerabilities tied to problem-plagued Android components like Mediaserver, NVIDIA’s GPU driver, and Qualcomm’s driver. The most serious bug, according to Google’s January Android Security Bulletin, is the Mediaserver vulnerability. “The most severe of these issues....
1.2AI Score
0.045EPSS
Researchers Question Security in AMD's Upcoming Zen Chips
As more computing heads to the clouds, security researchers are questioning the security of virtual machine control panels called hypervisors. One of the first hardware-based solutions to address these concerns will be deployed by chip manufacturer AMD, called Secure Encrypted Virtualization. The.....
-0.1AI Score
Old Linux Kernel Code Execution Bug Patched
A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip...
0.5AI Score
0.0004EPSS
Cyber Attack Knocks Nearly a Million Routers Offline
Mirai Botnet is getting stronger and more notorious each day that passes by. The reason: Insecure Internet-of-things Devices. Last month, the Mirai botnet knocked the entire Internet offline for a few hours, crippling some of the world's biggest and most popular websites. Now, more than...
8.5AI Score
Your Headphones Can Spy On You — Even If You Have Disabled Microphone
Have you considered the possibility that someone could be watching you through your webcam? Or listening to all your conversations through your laptop’s microphone? Even a bit of thought about this probability could make you feel incredibly creepy. But most people think that they have a...
6.8AI Score
Qualcomm and HackerOne Partner on Bounty Program
Qualcomm kicked off its first bug bounty program Thursday, opening the door for white hat hackers to find flaws in a dozen Snapdragon mobile chipsets and related software. Rewards for the invite-only bug bounty program top $15,000 each. HackerOne will facilitate Qualcomm’s bounty program; the...
0.1AI Score
Google Releases Supplemental Patch for Dirty Cow Vulnerability
Google’s November Android Security Bulletin, released Monday, patched 15 critical vulnerabilities and addressed 85 CVEs overall. But conspicuously absent is a fix for the Linux race condition vulnerability known as Dirty Cow (Copy-on-Write) that also impacts Android. While Google didn’t issue an...
1AI Score
0.879EPSS
Recently, security researchers found a new method of rooting Android phones: exploiting the Rowhammer vulnerability. In addition, the attacker can even combine this exploit with currently known Android vulnerabilities, Bandroid and Stagefright, to the target...
-0.1AI Score
Android Rowhammer attack vulnerability (Drammer)
Project Description Drammer is a new attack that exploits the Rowhammer hardware vulnerability on Android devices. It allows attackers to take control over your mobile device by hiding it in a malicious app that requires no permissions. Practically all devices are possibly vulnerable and must wait....
7.9AI Score
0.001EPSS
New Drammer Android Hack lets Apps take Full control (root) of your Phone
Earlier last year, security researchers from Google's Project Zero outlined a way to hijack the computers running Linux by abusing a design flaw in the memory and gaining higher kernel privileges on the system. Now, the same previously found designing weakness has been exploited to gain...
7AI Score
Android - 'gpsOneXtra' Data Files Denial of Service
Exploit for Android platform in category dos /...
-0.2AI Score
0.017EPSS
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
Exploit for Android platform in category local...
6.8AI Score