BTV-EMUI5.0,Berlin-EMUI5.0,Berlin-L21,Berlin-L22,Berlin-L23,MHA-AL00A Security Vulnerabilities

Huawei Data Communication: SegmentSmack Vulnerability in Linux Kernel (huawei-sa-20181031-02-linux)

There is a DoS vulnerability in the Linux Kernel versions 4.9+ and supported versions known as a SegmentSmack...

Huawei Data Communication: Dirty COW Vulnerability in Huawei Products (huawei-sa-20161207-01-dirtycow)

In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel. This VT has been deprecated and is therefore no longer...

school328.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1181441 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

There is a privilege escalation vulnerability in the ioctl handlers of the Mediatek CMDQ driver. Local attackers can exploit this vulnerability to read and write to the system memory. Successful exploit may lead to local escalation of privilege. (Vulnerability ID: HWPSIRT-2020-03106) This...

CVE-2020-10751

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages...

Bart Gellman on Snowden

Bart Gellman's long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a couple of weeks. There is an adapted excerpt in the Atlantic. It's an interesting read, mostly about the government surveillance of...

Security Advisory - Information Leakage Vulnerability in Some Huawei Products

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. (Vulnerability ID: HWPSIRT-2020-02166) This vulnerability has been assigned a Common....

berlin-apple-reparatur24.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1166035 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Security Advisory - Out of Bounds Read Vulnerability in Several Smartphones

There is an out of bound read vulnerability in several smartphones. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal. (Vulnerability ID:...

iec.ch Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1152303 Security Researcher shafique_Wasta Helped patch 31 vulnerabilities Received 2 Coordinated Disclosure badges , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting iec.ch website and its users. Following...

streetlevelphotoworks.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1152184 Security Researcher 4N_CURZE Helped patch 1548 vulnerabilities Received 7 Coordinated Disclosure badges Received 13 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting streetlevelphotoworks.org.....

CVE-2019-5303

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

CVE-2019-5302

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

CVE-2019-5303

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

CVE-2019-5302

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

Input validation

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

Input validation

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

CVE-2019-5303

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

CVE-2019-5302

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....

amplerbikes.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1148924 Security Researcher 4N_CURZE Helped patch 1496 vulnerabilities Received 7 Coordinated Disclosure badges Received 12 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting amplerbikes.com website...

wilddunesowners.org Open Redirect vulnerability

Open Bug Bounty ID: OBB-1145857 Security Researcher myNickName Helped patch 200 vulnerabilities Received 2 Coordinated Disclosure badges , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting wilddunesowners.org website and its users. ...

Remote Code Execution (RCE)

git-add-remote is vulnerable to Remote Code Execution (RCE). The name argument was not escaped to avoid injection of malicious command by the...

berlin-flamingos.de Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1133471 Security Researcher g0bl1nsec Helped patch 3741 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting berlin-flamingos.de...

CVE-2020-7630

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name...

CVE-2020-7630

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name...

CVE-2020-7630

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name...

CVE-2020-7630

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name...

Security Advisory - Information Leakage Vulnerability in Motion Sensor

Motion sensor in some Huawei smart phones has an information leakage vulnerability. An attacker may exploit this vulnerability to obtain specific information from the motion sensor through an APP installed on the smart phone and track the user. Successful exploit may cause information leak....

Hacking McDonald's for Free Food

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. Once you take the survey, you receive a coupon code for a free small beverage, redeemable within a...

CVE-2013-3685

A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root...

mononagrove.org Cross Site Scripting vulnerability

Security Researcher Gh05tPT Helped patch 6836 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting mononagrove.org website and its users. Following...

Design/Logic Flaw

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator...

Google Maps: online interventions with offline ramifications

The places where online life directly intersection with that lived offline will be forever fascinating, illustrated perfectly through a recent performance piece involving Google Maps, a cart, and an awful lot of mobile phones. Simon Weckert, an artist based in Berlin, Germany, showed how a little.....

CVE-2020-6855

A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to parameterize housekeeping jobs in a way that exhausts system resources and results in a denial of...

CVE-2020-6856

An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and...

Ruby on Rails: ActiveStorage direct upload fails to sign content-length header for S3 service

When a user makes a direct upload using ActiveStorage, the browser makes a request to the DirectUploadsController containing the direct_upload parameters filename, content_type, byte_size, and checksum. These are used to generate a presigned url that is then passed back to the browser, allowing...

CVE-2020-6854

A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST...

Man uses 99 smartphones to cause traffic jam on Google Maps

By Sudais Asif He took 99 smartphones running the Google Maps app and then asked someone to roam them on the streets of Berlin. This is a post from HackRead.com Read the original post: Man uses 99 smartphones to cause traffic jam on Google...

Security Advisory - FragmentSmack Vulnerability in Linux Kernel

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

Security Advisory - Page-Cache Side-Channel Vulnerability

There is a vlunerability in the mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13. An attacker could exploit this vulnerability to conduct a page-cache side-channel attack, allowing the attacker to view page-cache access patterns of other processes on the system. A...

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

There is a Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. As.....

Security Advisory - Denial of Service Vulnerability in Several Smartphones

There is a denial of service vulnerability in several smartphones. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone....

rature.net Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1054548 Security Researcher 0xrocky Helped patch 1796 vulnerabilities Received 7 Coordinated Disclosure badges Received 5 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting rature.net website and its...

Security Advisory - Integer Overflow Vulnerability in the Linux Kernel (SACK Panic)

An integer overflow vulnerability was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. A remote attacker could use this to cause a denial of service. (Vulnerability ID: HWPSIRT-2019-06130) This vulnerability has been assigned a Common....

PLC Cycle Time Influences (Update A)

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO Equipment: Programmable Logic Controllers Vulnerability: Uncontrolled Resource Consumption 2. UPDATE...

CVE-2019-5235

Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be...

Null pointer dereference

Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be...

Security Advisory - Denial of Service Vulnerability on Some Huawei Smartphones

There is a denial of service vulnerability on some Huawei smartphones. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability....

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in certain Huawei smartphones. The software does not properly handle certain information of application locked by applock in a rare condition, successful exploit could cause information disclosure. (Vulnerability ID: HWPSIRT-2018-08142) This...

Node.js third-party modules: [htmr] DOM-based XSS

Hi, I would like to report DOM-based XSS in htmr. It allows attackers to insert malicious JavaScript payload into the page. Module module name: htmr version: 0.8.6 npm page: https://www.npmjs.com/package/htmr Module Description Simple and lightweight (< 2kB) HTML string to react element conversi...