Security
Headlines
HeadlinesLatestCVEs

Tag

#huawei

Google to support the use of Rust in Chromium

Categories: News Tags: Google Tags: Chromium Tags: Rust Tags: memory safety Tags: rule of two Google has announced that it will support the use of third-party Rust libraries in Chromium which is a step forward in memory safety for the browsers. (Read more...) The post Google to support the use of Rust in Chromium appeared first on Malwarebytes Labs.

Malwarebytes
#vulnerability#android#google#microsoft#java#c++#buffer_overflow#huawei#chrome#kotlin
CVE-2021-46868: January

The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access.

CVE-2022-45874: Security Advisory - Improper Authorization Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.

CVE-2022-39012: Security Advisory - Improper Input Validation Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal.

CVE-2022-44564: Security Advisory - Path Traversal Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources.

CVE-2022-41579: huawei-sa-20221130-01-c7f72ffb-en

There is an insufficient authentication vulnerability in some Huawei band products. Successful exploit could allow the attacker to spoof then connect to the band.

CVE-2022-46740: huawei-sa-DoSViHSWR-8f632df1-en

There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition.

Zerobot Adds Brute Force, DDoS to Its IoT Attack Arsenal

Threat actors continue to evolve the malicious botnet, which has also added a list of new vulnerabilities it can use to target devices.

CVE-2022-41591: December

The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.

CVE-2021-0934: Android Security Bulletin—December 2022  |  Android Open Source Project

In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-169762606