Security
Headlines
HeadlinesLatestCVEs

Tag

#android

CVE-2020-36558

A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault.

CVE
Open in Source
#ios#android#mac#google#linux#js#git#java#intel#c++#perl#amd#bios#buffer_overflow#huawei#auth#ibm#sap#wifi#ssl
App Meant to Hit Russia with DDoS Attack Infected Android Phones of Ukraine Activists

By Deeba Ahmed The pro-Ukraine groups thought they were fighting back against Russia with a new DDoS app, but it turns… This is a post from HackRead.com Read the original post: App Meant to Hit Russia with DDoS Attack Infected Android Phones of Ukraine Activists

CVE-2022-29454: Better Messages – Live Chat for WordPress, BuddyPress, BuddyBoss, Ultimate Member, PeepSo

Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated.

CVE-2020-21406: TVBoxBugs/RK_MAX_V88_SmartTV_Vulnerability at master · helloworldxp/TVBoxBugs

An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service.

CVE-2020-21405: TVBoxBugs/H96_Pro_Plus_SmartTV_Vulnerability at master · helloworldxp/TVBoxBugs

An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk

Google Adds Support for DNS-over-HTTP/3 in Android to Keep DNS Queries Private

Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS (DoT), which was incorporated into the mobile operating system with Android 9.0. DoH3 is also an alternative to

CVE-2021-31858: CVE-2021-31858 Stored Cross-Site Scripting in DotNetNuke

DotNetNuke (DNN) 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload.

Russian Hackers Tricked Ukrainians with Fake "DoS Android Apps to Target Russia"

Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service (DDoS) attacks against Russian sites. Google Threat Analysis Group (TAG) attributed the malware to Turla, an advanced persistent threat also known as Krypton, Venomous Bear, Waterbug, and Uroburos, and

CVE-2022-32958: 互動資通 Teamplus Pro - Allocation of Resources Without Limits or Throttling

A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process.