Category: Exploits

Cisco Security Manager CVE-2019-12630 – Java Deserialization

Description A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to […]

Read More

Notepad++ (x64) before 7.7 CVE-2019-16294 – Remote Code Execution

Description Memory corruption in notepad++ all x64 versions before 7.7 in Scintilla component (SciLexer.dll). Vulnerability triggering via special crafted .ml file. Vulnerability occurs during the processing of Unicode characters. For example I used notepad++ v 7.6.6:. It is latest affected version before fixing version. Download poc.ml – file for demonstrating triggering of vulnerability; This file contain […]

Read More

Victure PC530 CVE-2019-15940 – Unauthenticated

Description Avira researchers have found that the PC530 Wireless Security Camera from Victure can do more than what you would ever expect – or want – from a smart security device. It comes with built-in vulnerabilities which enable hackers to manipulate device functions, step into your home network, watch your activities, and upload whatever they […]

Read More

Lenovo Chromebook S330 CVE-2019-16508 – Integer Overflow

Description Lenovo Chromebook S330 enable PowerVR DRM platform driver as its graphics driver. A normal user on CrOS is able to access “/dev/dri/card1” to send IOCTL command to PowerVR ioctl handler. PVRSRVBridgeSyncPrimOpCreate is one of io commands handler of PowerVR. This function doesn’t check buffer size coming from user input psSyncPrimOpCreateIN, which may lead to […]

Read More

NSA Ghidra 9.0.4 CVE-2019-16941 – Remote Code Execution

Description NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an […]

Read More

Keybase App IOS 2.13.2 CVE-2019-16992 – Private Key unknown

Description The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user’s private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user’s personal position on the semantics of an attestation. References […]

Read More

Linux kernel 5.0.3 CVE-2019-16995 – Denial of Service

Description In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. net: hsr: fix memory leak in hsr_dev_finalize()

Read More

Linux kernel before 5.0 CVE-2019-16994 – Denial of Service

Description In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. net: sit: fix memory leak in sit_init_net() Diffstat

Read More

Western Digital /SanDisk SSD Dashboard CVE-2019-13467 – Weak Encryption

Description The Western Digital and SanDisk SSD Dashboard applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files. Additionally, the “generate reports” archive is protected with a hard-coded password. An application update that addresses the […]

Read More

WhatsApp CVE-2019-11927 – Integer Overflow

Description An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via specially-crafted EXIF tags in WEBP images. This issue affects WhatsApp for Android before version 2.19.143 and WhatsApp for iOS before version 2.19.100. Affected Versions This issue affects WhatsApp for iOS before version v2.19.100 […]

Read More