Security
Headlines
HeadlinesLatestCVEs

Tag

#android

CVE-2023-29382: Security Center - Zimbra :: Tech Center

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.

CVE
Open in Source
#xss#csrf#vulnerability#web#android#mac#apple#microsoft#ubuntu#linux#debian#red_hat#apache#memcached#nodejs#js#git#java#oracle#php#rce#perl#ldap#nginx#ssrf#pdf#auth#zero_day#ssl
The growth of commercial spyware based intelligence providers without legal or ethical supervision

Commercial spyware has become so notorious that international governments are taking notice and action against it, as evidenced by the Biden administration’s recent Executive Order on commercial spyware.

CVE-2023-30678: Samsung Mobile Security

Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.

CVE-2023-29656: [Disclosure for CVE-2023-29656]

An improper authorization vulnerability in Darktrace mobile app (Android) prior to version 6.0.15 allows disabled and low-privilege users to control "antigena" actions(block/unblock traffic) from the mobile application. This vulnerability could create a "shutdown", blocking all ingress or egress traffic in the entire infrastructure where darktrace agents are deployed.

CVE-2023-24256: JailBreakEC6/BugReport.md at main · hhj4ck/JailBreakEC6

An issue in the com.nextev.datastatistic component of NIO EC6 Aspen before v3.3.0 allows attackers to escalate privileges via path traversal.

Update Android now! Google patches three actively exploited zero-days

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Android Tags: 2023-07-05 Tags: CVE2021-29256 Tags: CVE-2023-26083 Tags: CVE-2023-2136 Tags: CVE-2023-21250 Tags: ARM Tags: Skia Google has patched 43 vulnerabilities in Android, three of which are actively exploited zero-day vulnerabilities. (Read more...) The post Update Android now! Google patches three actively exploited zero-days appeared first on Malwarebytes Labs.

SmugX: Chinese Hackers Targeting Embassies in Europe

By Deeba Ahmed The researchers believe that the SmugX attack is an extension of a previously discovered campaign linked to Mustang Panda. This is a post from HackRead.com Read the original post: SmugX: Chinese Hackers Targeting Embassies in Europe

Teen among suspects arrested in Android banking malware scheme

By Waqas The arrests took place in Singapore over complaints from unsuspecting victims. This is a post from HackRead.com Read the original post: Teen among suspects arrested in Android banking malware scheme

Mexico-Based Hacker Targets Global Banks with Android Malware

An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. The activity is being attributed to an actor codenamed Neo_Net, according to security researcher Pol Thill. The findings were published by SentinelOne following a Malware

CVE-2023-20775: July 2023

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410.