Vulnerability Reports

12/21/23
The firmware of the Kontrol Lux lock can be updated w/o AuthZ/AuthC
12/21/23
The Kontrol Lux lock can be forced to process arbitrary unencrypted messages
12/21/23
A Gateway G2 can be impersonated using its MAC address
12/21/23
The TTLock app does not properly verify that it is connected to a real lock
12/21/23
TTLock virtual keys can be reused even after invalidation
12/21/23
Challenge response can be retried indefinitely upon failure
12/21/23
Protocol downgrade on the TTLock app can expose the unlock key
12/21/23
Challenge response can be retried indefinitely upon failure
03/12/23
Unauthorized attacker can connect to the MQTT server controlling all of Electra's Smart AC units and gain full control of them
03/12/23
Attacker within WiFi range can cause unconfigured units to connect to a malicious update server
03/12/23
Attacker within IR range can install arbitrary firmware over the air
03/12/23
A WiFi hotspot with a known password is always availiable on unconfigured units
03/12/23
Credentials for connecting to the MQTT server hardcoded inside the firmware
03/12/23
Attacker within WiFi range can install arbitrary firmware over the air on unconfigured units
06/03/21
XXE in JDOM library - Java
03/09/21
Authenticated Arbitrary File Write via Web UI (cplogo-install)
03/09/21
Unauthenticated Command Injection via Web UI
03/09/21
Authenticated Reflected Cross-Site Scripting (cp_perview)
03/09/21
Authenticated Arbitrary File Write via Web UI to Specific Backup File
03/09/21
Authenticated Arbitrary File Write via Web UI (cp-upload)
03/09/21
Unauthenticated Arbitrary File Read via Race Condition Vulnerability
03/09/21
Authenticated Arbitrary File Read via Web UI (cplogo-install)
03/09/21
Authenticated Arbitrary Directory Create via Web UI (cplogo-install)
01/21/21
Stuck reading fifo file in Apport
01/21/21
Incorrect parsing of /proc/pid/stat in Apport
01/21/21
Incorrect parsing of /proc/pid/status in Apport
06/07/20
rkscli jailbreak
06/07/20
Authenticated command injection in emfd/libemf
06/07/20
Infromation leakage from /upnp.jsp
06/07/20
Stack buffer overflow in webs
06/07/20
Unauthenticated admin credentials overwrite
06/07/20
Webserver denial fo service
06/07/20
XSS in /admin/_wla_cmdstat.jsp
02/04/20
Insufficient validation of untrusted input in Omnibox
12/17/19
Ruckus CLI (rkscli) jailbreak
12/17/19
Admin credentials leakage
12/17/19
Remote command injection via a crafted HTTP request (cmdSpectraAnalysis)
12/17/19
Remote command injection via a crafted HTTP request (cmdPacketCapture)
12/17/19
Stack buffer overflow in zap executable
12/17/19
Remote command injection via a crafted HTTP request (cmdImportCategory)
12/17/19
Remote command injection via a crafted HTTP request (cmdImportAvpPort)
12/17/19
Information disclosure vulnerability
12/17/19
Remote code execution vulnerability via zap
12/17/19
SSRF vulnerability in zap
12/17/19
Ruckus CLI (ruckus_cli2) jailbreak
10/22/18
Potential DOS vulnerability in WCF services
10/22/18
Potential DOS vulnerability in applications that use ASP.NET Web API
10/22/18
Applications that use Newtonsoft.Json might be exposed to DOS vulnerability
10/22/18
DOS vulnerability in Azure Active Directory Graph API
10/22/18
DOS Vulnerability in SharePoint 2016 Server
10/22/18
OData Denial of Service Vulnerability
01/22/18
Nokia 6/5 EDL triggering through USB
01/22/18
Qualcomm EDL Firehose Programmers Peek and Poke Primitives
01/22/18
Google Nexus 6 & 6P EDL triggering through ADB
01/22/18
OnePlus EDL triggering through ADB or Hardware Key Combination
01/09/18
Motorola Bootloader Old UTAGs may lead to Kernel Command-line Injection
08/30/17
Motorola Android Bootloader Unlocking a Re-locked Bootloader from Platform OS
08/01/17
OnePlus 2 Lack of SBL1 Validation Broken Secure Boot
06/13/17
Google Nexus 9 Ephemeral Access to Unrestricted FIQ Debugger and SysRq
05/25/17
Apple iOS/watchOS/tvOS IOKit Buffer Overflow in Device-Tree Parsing
05/23/17
Linux lp.c Out-of-Bounds Write via Kernel Command-line
05/23/17
Motorola Android Bootloader Kernel Cmdline Injection Secure Boot Bypass
05/14/17
Aleph 2017016
05/11/17
OnePlus OTA Lack of TLS Vulnerability
05/11/17
OnePlus OTA One/X Crossover Vulnerability
05/11/17
OnePlus OTA OxygenOS/HydrogenOS Crossover Vulnerability
05/11/17
OnePlus OTA Downgrade Vulnerability
05/04/17
Google Nexus 9 SensorHub Firmware Downgrade Vulnerability
05/03/17
Google Nexus 9 Cypress SAR Firmware Injection via I2C
04/27/17
Aleph 2017019
04/25/17
OnePlus 3/3T OxygenOS Unauthorized Flash Dumping via fastboot
04/06/17
Aleph 2017018
03/28/17
macOS IOFireWireAVC Kernel Extension Out of Bounds Vulnerability
03/26/17
OnePlus 3/3T OxygenOS Charger Boot Mode ADB Access
03/19/17
OnePlus 3/3T OxygenOS Unauthorized Boot Mode Changing
03/08/17
Google Nexus 9 Unauthorized Access to FIQ Debugger
03/01/17
Aleph 2017012
02/08/17
OnePlus 3/3T OxygenOS 4F500301 Bootloader Locking Bypass
02/08/17
OnePlus 3/3T OxygenOS dm-verity Security Bypass
02/06/17
Google Nexus Synaptics Touchscreen Firmware Injection
01/27/17
Cordova-Android MiTM Remote Code Execution
01/11/17
OnePlus 3/3T OxygenOS SELinux Security Bypass
01/05/17
Google Nexus 6/6P Custom Boot Modes USB Configs Override
12/05/16
Google Android Synaptics Touchscreen Heap Overflow #2
12/05/16
Google Android Synaptics Touchscreen Heap Overflow
10/04/16
Google Nexus 6 f_usbnet Kernel Uninitialized Memory Leak Over USB
09/05/16
Google Nexus 9 Arbitrary Kernel Write
09/05/16
Google Nexus 5X Bootloader Unauthorized Memory Dumping via USB
06/21/16
Xiaomi MIUI Analytics Remote Code Execution
11/20/15
Apple iOS IOMobileFramebuffer Information Disclosure
11/20/15
Weak Randomization of BridgeSecret for Apache Cordova Android
08/10/15
MyScript Android SDK Deserialization Code Execution
08/10/15
GraceNote GNSDK Android SDK Deserialization Code Execution
08/10/15
PJSIP PJSUA2 Android SDK Deserialization Code Execution
08/10/15
esri ArcGis Android SDK Deserialization Code Execution
08/10/15
MetaIO Android SDK Deserialization Code Execution
08/10/15
Jumio Android SDK Deserialization Code Execution
08/10/15
Android OpenSSLX509Certificate Deserialization Code Execution
12/03/14
VASCO MyDigipass OAuth Unverified Email Social Login Bypass
12/03/14
Amazon OAuth Unverified Email Social Login Bypass
12/03/14
LinkedIn OAuth Unverified Email Social Login Bypass
07/28/14
Apache Cordova for Android Leak via URL Loading
07/28/14
Apache Cordova for Android Cross-App Scripting
07/28/14
Apache Cordova for Android Whitelist Bypass for Non-HTTP URLs
06/30/14
Android KeyStore Stack Buffer Overflow
03/25/14
Firefox for Android Crash Reporter File Manipulation
03/25/14
Firefox for Android Automatic File Download to SD Card
03/25/14
Firefox for Android Profile Directory Name Weak Randomization
03/11/14
Dropbox Android SDK INTERNAL_WEB_HOST Security Bypass
02/04/14
Firefox for Android Profile Directory Name Leaks to Android System Log
12/10/13
Android Fragment Injection
08/13/13
Weak Randomness in Android's DNS Resolver
08/13/13
BIND 9 NS Selection SRTT Algorithm Weakness
10/18/12
Dropbox for iOS & Android Cross-Zone Scripting
10/18/12
Google Drive iOS App Cross-Zone Scripting
07/12/12
Microsoft Windows Shell Command Injection
07/10/12
Microsoft toStaticHTML HTML Sanitizing Bypass
05/03/12
Android SQLite Journal Information Disclosure
01/19/12
Microsoft Anti-XSS Library Bypass
10/18/11
Oracle Java Remote DNS Poisoning via Port Exhausion #2
10/18/11
Microsoft Windows Unprivileged DNS Cache Flushing
10/18/11
Microsoft Windows Port Exhaustion Weakness
10/18/11
Oracle Java Remote DNS Poisoning via Port Exhausion
10/11/11
Google App Engine Python SDK Code Execution
09/20/11
Opera Mobile for Android Cache Poisoning XAS
09/20/11
Dolphin Browser HD Cross-Application Scripting
07/31/11
Android Browser Cross-Application Scripting
07/21/11
Microsoft toStaticHTML HTML Sanitizing Information Leak Vulnerability
08/02/09
Adobe Flash Player and AIR AVM2 intf_count Integer Overflow
06/02/09
Apple QuickTime Image Description Atom Sign Extension Memory Corruption
04/23/09
Google Chrome ChromeHTML Protocol Handler Universal XSS
10/08/08
Adobe Flash Out-of-Bounds Memory Read DoS
10/08/08
Graphviz Stack Buffer Overflow Code Execution
09/09/08
Apple QuickTime QTVR Sign-Extension Heap Overflow