TSEC NEWS: 06.05.21 Cron-Job Fehlerhaft nach PHP Update + PWA mobile + Desktop / 04.05.21 - Android App von TSECURITY 28.04.21 - NEUER SERVER // 26.04.21 ++ Download the Electron-App für tsecurity.de // Über 550 Feed-Quellen


❈ Qualcomm Snapdragon Auto ioctl Command user memory corruption

Sicherheitslücken / Exploits vuldb.com

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables (Chip Software). It has been declared as critical. This vulnerability affects an unknown function of the component ioctl Command Handler. Upgrading eliminates this vulnerability....


Kompletten Artikel lesen (externe Quelle: https://vuldb.com/?id.176596)

Zur Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Snapdragon Automobile/Wearable/Mobile bis MSM8909W video_fmt_mp4r_process_atom_avc1() Pufferüberlauf

vom 515.31 Punkte
Es wurde eine kritische Schwachstelle in Snapdragon Automobile, Wearable sowie Mobile ausgemacht. Dabei betrifft es die Funktion video_fmt_mp4r_process_atom_avc1(). Mittels Manipulieren mit einer unbekannten Eingabe kann eine Pufferüberlauf-Schwachstelle ausgenutzt werd

Snapdragon Automobile/Wearable/Mobile bis MSM8909W video_fmt_mp4r_process_atom_avc1() Pufferüberlauf

vom 515.31 Punkte
Es wurde eine kritische Schwachstelle in Snapdragon Automobile, Wearable sowie Mobile ausgemacht. Dabei betrifft es die Funktion video_fmt_mp4r_process_atom_avc1(). Mittels Manipulieren mit einer unbekannten Eingabe kann eine Pufferüberlauf-Schwachstelle ausgenutzt werd

Veracode Hacker Games: The Results Are In!

vom 436.65 Punkte
The first everツ?Veracode Hacker Gamesツ?competition hasツ?come to a close, but were the flaws inツ?favor of our brave competitors? Read on to find out.ツ? Over the course of the two-weekツ?challenge, students from several universities in the U.S. and the U.K. came together to explore vulne

SharpDPAPI - A C# Port Of Some Mimikatz DPAPI Functionality

vom 319.58 Punkte
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic, it is simply a port from Mimikatz in order to better understand the process and operationalize it to fit our workflow. The SharpChrome subproject is an adaptation of work from @gentilkiwi and @djhohnstein, specifically his SharpChrome project. However, this version of SharpChrome

Docker-Inurlbr - Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails & Urls

vom 242.41 Punkte
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.How to buildgit clone https://github.com/gmdutra/docker-inurlbr.gitc

P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A Flexible, Low-Cost Platform For Pentesting, Red Teaming And Physical Engagements

vom 208.9 Punkte
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".0. How to installThe latest image could be fo

Rust in the Linux kernel

vom 203.56 Punkte
Posted by Wedson Almeida Filho, Android Team In our previous post, we announced that Android now supports the Rust programming language for developing the OS itself. Related to this, we are also participating in the effort to evaluate the use of Rust as a supported language fo

Local Privilege Escalation in Win32k.sys Through Indexed Color Palettes

vom 172.82 Punkte
This is the second in our series of Top 5 interesting cases from 2019. Each of these bugs has some element that sets them apart from the more than 1,000 advisories released by the program this year. Today’s blog looks a local privilege escalation in t

Neurax - A Framework For Constructing Self-Spreading Binaries

vom 172.14 Punkte
A framework that aids in creation of self-spreading software Requirementsgo get -u github.com/redcode-labs/Coldfire go get -u github.com/yelinaung/go-haikunator New in v. 2.0New wordlist mutators + common passwords by country Improvised passive scanning

MemProcFS - The Memory Process File System

vom 167.22 Punkte
The Memory Process File System is an easy and convenient way of accessing physical memory as files a virtual file system.Easy trivial point and click memory analysis without the need for complicated commandline arguments! Access memory content and artifacts via

Command Injection Payload List

vom 162.88 Punkte
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP header

Qualcomm's Next-gen Snapdragon 865 Mobile Chip Focuses on 5G

vom 156.34 Punkte
Qualcomm uncorked this year's version of its Snapdragon Technology Summit by announcing the names of its two new upcoming Snapdragon chips, the Snapdragon 865 and the Snapdragon 765/765G. Not surprisingly, the emphasis this year is on 5G, and the "AI"

Team Security Diskussion über Qualcomm Snapdragon Auto ioctl Command user memory corruption