Security
Headlines
HeadlinesLatestCVEs

Tag

#xiaomi

Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected

Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Apple Tags: Google Tags: Android Tags: Samsung Tags: Xiaomi Tags: Adobe Tags: SAP Tags: VMWare Tags: Fortinet Tags: CVE-2022-41033 Tags: CVE-2022-41040 Tags: zero-day No fix for ProxyNotShell (Read more...) The post Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#ios#android#mac#windows#apple#google#microsoft#rce#ssrf#vmware#samsung#auth#xiaomi#zero_day#sap
CVE-2020-14131: Xiaomi Security Center

The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi users worldwide Life.

CVE-2020-14129: Xiaomi Security Center

A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege.

CVE-2022-23747: #ALHACK: One codec to hack the whole world - Check Point Research

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

Xiaomi Phone Bug Allowed Payment Forgery

Mobile transactions could’ve been disabled, created and signed by attackers.

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices. Check Point said it found the flaws in devices powered by MediaTek chipsets during a security analysis of the Chinese handset maker's "Kinibi" Trusted Execution

Taiwanese President and Top Govt Sites Hit by DDoS Attacks Amid Pelosi visit

By Waqas The DDoS attacks also targeted the country’s largest airport, the Defence and Foreign Ministry. As US House Speaker… This is a post from HackRead.com Read the original post: Taiwanese President and Top Govt Sites Hit by DDoS Attacks Amid Pelosi visit

CVE-2020-14114: 产品安全中心

information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

CVE-2020-14127: 产品安全中心

A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service.

Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool

By Deeba Ahmed This newly discovered malware campaign is attributed to a Chinese hacking group called Tropic Trooper. Cybersecurity researchers at… This is a post from HackRead.com Read the original post: Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool