Bookwyrm versions 0.4.3 and below suffer from an authentication bypass vulnerability due to a lack of rate limiting on OTP checks.
>> AUTHOR: deepcore
Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once…
Buffalo TeraStation Network Attached Storage (NAS) version 1.66 suffers from an authentication bypass vulnerability.
ProcessMaker versions prior to 3.5.4 were discovered to be susceptible to a remote privilege escalation vulnerability.
Blink1Control2 version 2.2.7 suffers from a weak password encryption vulnerability.
Backdoor.Win32.Hellza.120 malware suffers from an authentication bypass vulnerability.
Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.
On Mali devices without the new CSF interface, IMPORTED_USER_BUF is released without flushing host-side VMAs, leading to a page use-after-free vulnerability.
Arm Mali has an issue where a driver exposes physical addresses to unprivileged userspace.
The Mali driver frees GPU page tables before removing the higher-level PTEs pointing to those page tables (and, therefore, also before issuing the required flushes). This means a racing memory…