CVE ID CVE-2020-28360 CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Internal ID SICK-2020-022 Vendor private-ip Project Product private-ip Product Versions: 1.0.5 and below...

Extraordinary Vulnerabilities Discovered in TCL Android TVs, Now World’s 3rd Largest TV Manufacturer.

by Sick Codes

November 9, 2020 - Updated on April 3, 2021

The following piece is the culmination of a three-month long investigation into Smart TVs running Android. Having lived through this...

CVE-2020-28055 – TCL Android Smart TV (All) – Incorrect Permission Assignment for Critical Vendor Resources – TCL Android TV Vendor Configuration & Upgrade Folders World Writable to Local Attacker

by Sick Codes

November 9, 2020 - Updated on December 31, 2020

Title TCL Android Smart TV (All) - Incorrect Permission Assignment for Critical Vendor Resources - TCL Android TV Vendor Configuration...

TCL Smart TV Vulnerability Browse Filesystem

CVE-2020-27403 – TCL Android Smart TV (All) – Exposure of Information Through Directory Listing – TCL Android TV Filesystem Browsable to Unauthenticated Attackers Over the Adjacent Network on Port 7989

by Sick Codes

November 9, 2020 - Updated on December 31, 2020

Title TCL Android Smart TV (All) - Exposure of Information Through Directory Listing - TCL Android TV Filesystem Browsable to...

CVE-2020-8276 – Exposure of Sensitive Information to an Unauthorized Actor – Brave Browser Potentially Logs The Last Time A Tor Window Was Used.

by Sick Codes

November 5, 2020 - Updated on November 24, 2020

Title Exposure of Sensitive Information to an Unauthorized Actor - Brave Browser Potentially Logs The Last Time A Tor Window...

SICK-2020-004 Hindotech HK1 TV Box - Root Privilege Escalation - Improper Access Control

CVE-2020-27402 – Hindotech HK1 TV Box – Root Privilege Escalation

by Sick Codes

October 12, 2020 - Updated on November 24, 2020

CVE-2020-27402 Hindotech HK1 TV Box - Root Privilege Escalation - Improper Access Control CVE ID CVE-2020-27402 CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...

CVE-2020-15590 – Private Internet Access VPN for Linux – Exposure of Sensitive Information to an Unauthorized Actor

by Sick Codes

August 31, 2020 - Updated on November 24, 2020

CVE-2020-15590 Private Internet Access VPN for Linux - Exposure of Sensitive Information to an Unauthorized Actor CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...

Page 2 of 2 Prev 1 2

No Result

View All Result

Security

Sick Codes @ DEF CON 29!

CVE-2021-27616 – SAP Business One Hana (Chef Cookbook) – Exposure of Backup File to an Unauthorized Control Sphere via Insecure Temporary File Storage.

CVE-2021-27614 – SAP Business One Hana (Chef Cookbook) – Incorrect Permission Assignment for Critical Resources – Root Privilege Escalation Vulnerability

CVE-2021-27613 – SAP Business One Hana (Chef Cookbook) – Insecure Temporary File For Incoming & Outgoing Payroll Data – SAP Business One Chef Cookbook.

CVE-2020-28360 – private-ip npm package – Incorrect Regular Expression – Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF.

Extraordinary Vulnerabilities Discovered in TCL Android TVs, Now World’s 3rd Largest TV Manufacturer.

CVE-2020-28055 – TCL Android Smart TV (All) – Incorrect Permission Assignment for Critical Vendor Resources – TCL Android TV Vendor Configuration & Upgrade Folders World Writable to Local Attacker

CVE-2020-27403 – TCL Android Smart TV (All) – Exposure of Information Through Directory Listing – TCL Android TV Filesystem Browsable to Unauthenticated Attackers Over the Adjacent Network on Port 7989

CVE-2020-8276 – Exposure of Sensitive Information to an Unauthorized Actor – Brave Browser Potentially Logs The Last Time A Tor Window Was Used.

CVE-2020-27402 – Hindotech HK1 TV Box – Root Privilege Escalation

CVE-2020-15590 – Private Internet Access VPN for Linux – Exposure of Sensitive Information to an Unauthorized Actor

Welcome Back!

Retrieve your password