VU#229438: Mobile device monitoring services do not authenticate API requests
Overview The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability. These services and their associated apps can be used to perform non-consensual, unauthorized monitoring and are commonly called “stalkerware.” An unauthenticated remote attacker can access personal information collected […]
VU#383864: Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
Overview Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS. An attacker with the ability to read SMS messages can obtain VVM IMAP credentials and gain access to VVM data. Description VVM is specified by Open Mobile Terminal Platform-OMPT and is implemented with SMS and IMAP (and other protocols). VVM IMAP credentials are sent […]
VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding
Overview The Spring Framework insecurely handles PropertyDescriptor objects, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Spring Framework is a Java framework that can be used to create applications such as web applications. Due to improper handling of PropertyDescriptor objects used with data binding, Java applications […]
VU#287178: McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
Overview McAfee Agent contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user may be able to place files. Description CVE-2022-0166 McAfee Agent, which comes with various McAfee products such as McAfee Endpoint Security, includes an OpenSSL component that specifies an OPENSSLDIR variable […]
VU#119678: Samba vfs_fruit module insecurely handles extended file attributes
Overview The Samba vfs_fruit module allows out-of-bounds heap read and write via extended file attributes (CVE-2021-44142). This vulnerability allows a remote attacker to execute arbitrary code with root privileges. Description The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide “…enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP […]
VU#796611: InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
Overview The InsydeH2O Hardware-2-Operating System (H2O) UEFI firmware contains multiple vulnerabilities related to memory management in System Management Mode (SMM). Description UEFI software provides an extensible interface between an operating system and platform firmware. UEFI software uses a highly privileged processor execution mode called System Management Mode (SMM) for handling system-wide functions like power management, […]