Tag
#huawei
There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions.
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244216503
**How could an attacker exploit this vulnerability?** For an attacker to exploit this vulnerability, the following conditions must be met: * The attacker must be in physical proximity to the targeted victim. A remote attack is not possible because this vulnerability is at the Wi-Fi layer. * The victim must be using unprotected transports such as plain HTTP. If customers follow the security best practices outlined in the Executive Summary, this vulnerability would be difficult to exploit.
There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.
Five vulnerabilities in the baseboard management controller (BMC) software used by 15 major vendors could allow remote code execution if attackers gain network access.
By Deeba Ahmed This is a critical vulnerability affecting almost 190 models of devices from 66 different manufacturers. This is a post from HackRead.com Read the original post: Critical Realtek Vulnerability Impacting IoT Devices Worldwide
The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780
In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183410508
Manufacturer complacency ‘translates into an unacceptable risk for consumers’, warns security expert