A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads…
>> CATEGORY: exploit
The SecEmailComposer/EmailComposer application used by the Samsung S6 Edge has an exported service action to do quick replies to emails. It was found that this action required no permissions to…
The Samsung Graphics 2D driver (/dev/fimg2d) is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains a locking error which can lead to memory…
The Samsung m2m1shot driver framework is used to provide hardware acceleration for certain media functions, such as JPEG decoding and scaling images. The driver endpoint (/dev/m2m1shot_jpeg) is accessible by the…
The Realtyna RPL application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions…
This Metasploit module exploits an information disclosure vulnerability found in Zpanel versions 10.1.0 and below. The vulnerability is due to a vulnerable version of pChart allowing remote, unauthenticated, users to…
VLC version 2.2.1 libvlccore .mp3 stack overflow memory exhaustion exploit.
Belkin Router N150 suffers from a path traversal vulnerability.
RealtyScript version 4.0.2 suffers from cross site request forgery and cross site scripting vulnerabilities.