17.2 C
Johannesburg

CVE-2019-15426

The Xiaomi 5S Plus Android device with a build fingerprint of Xiaomi/natrium/natrium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless...

CVE-2019-15396

The Asus ZenFone 3 Android device with a build fingerprint of asus/WW_Phone/ASUS_Z012D:7.0/NRD90M/14.2020.1708.56-20170719:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed...

CVE-2019-15375

The Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1522294799:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located...

CVE-2019-15371

The Symphony G100 Android device with a build fingerprint of Symphony/G100/G100:8.1.0/O11019/1530618779:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located...

CVE-2019-15354

The Ulefone Armor 5 Android device with a build fingerprint of Ulefone/Ulefone_Armor_5/Ulefone_Armor_5:8.1.0/O11019/1528806701:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app...

Download: The Comprehensive Compliance Guide

The Comprehensive Compliance Guide can help security leaders save time and resources from creating their own compliance evaluation methods. Read more

CVE-2011-1145

The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. Read more

CVE-2013-3367

Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G?DFdg_24Mhw3. Read more

CVE-2013-4275

Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with...

CVE-2010-4653

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. Read more

Latest article

Two men busted for hijacking victims’ phones and email accounts

Prosecutors allege that Meiggs and Harrington took over their targets' mobile phone and email accounts via SIM-swapping. Read more

Leaked Russian Interference Report Raises Questions About Brexit, UK Election Security

A report from the U.K. Parliament's intelligence committee concludes that "Russian interference may have had an impact on the Brexit referendum," reports the Times...

Lessons From the Cyberattack On India’s Largest Nuclear Power Plant

Dan Drollette shares an article by two staffers at the Center for Global Security Research at Lawrence Livermore National Laboratory from The Bulletin of...