Security
Headlines
HeadlinesLatestCVEs

Tag

#wifi

CVE-2023-41270: SMOLD TV: Old & Smart

Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools.

CVE
Open in Source
#vulnerability#ios#android#mac#windows#google#microsoft#linux#dos#git#wordpress#intel#perl#pdf#samsung#auth#wifi
This Cheap Hacking Device Can Crash Your iPhone With Pop-Ups

Plus: SolarWinds is charged with fraud, New Orleans police face recognition has flaws, and new details about Okta’s October data breach emerge.

CVE-2023-41726

Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability

Russian Pair Charged with JFK Airport Taxi System Hack for Over 2 Years

By Waqas A cybersecurity incident apparently involving collaboration between Russians and Americans... This is a post from HackRead.com Read the original post: Russian Pair Charged with JFK Airport Taxi System Hack for Over 2 Years

Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App

The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of features that enable the operators to surreptitiously collect sensitive information from victims' devices

CVE-2023-46978: vuln-reports/TOTOLINK X6000R/1/README.md at master · shinypolaris/vuln-reports

TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication.

Ubuntu Security Notice USN-6460-1

Ubuntu Security Notice 6460-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly expose sensitive information.

Arid Viper disguising mobile spyware as updates for non-malicious Android applications

Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users.

CVE-2015-0897: <セキュリティ情報>LINEの脆弱性と修正完了に関するお知らせ | LINE公式ブログ

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

CVE-2018-17559: Five Vulnerabilities in ABUS cameras

Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.