The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling. Date published : 2020-08-31 https://www.usenix.org/system/files/woot20-paper-obermaier.pdf
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration. Date published : 2020-08-31 https://www.usenix.org/system/files/woot20-paper-obermaier.pdf
The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface. Date published : 2020-08-31 https://www.usenix.org/system/files/woot20-paper-obermaier.pdf
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module. Date published :...
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling. Date published : 2020-08-31 https://www.usenix.org/system/files/woot20-paper-obermaier.pdf
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker...
OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text/rdf, or a PDF document. Date published : 2020-08-31 https://www.open-xchange.com/
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption. Date published : 2020-08-31 https://seclists.org/fulldisclosure/2020/Aug/14 https://www.open-xchange.com/
OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API. Date published : 2020-08-31 https://seclists.org/fulldisclosure/2020/Aug/14 https://www.open-xchange.com/
OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address. Date published : 2020-08-31 http://seclists.org/fulldisclosure/2020/Aug/14 https://www.open-xchange.com/
THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET...
The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn’t validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the...
A buffer over-read vulnerability exists in bl
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product’s security settings. This issue affects:...