by Justyna Thiede | 17 December 2020 | Blog-EN, Newest post
Maciej Miszczyk Multiple vulnerabilities in GameLoop – remote code execution, privilege escalation Gameloop is an Android emulator released by Tencent. During our tests, we have identified multiple vulnerabilities which can lead to code execution and privilege...
by Justyna Thiede | 2 December 2020 | Blog-EN
Maciej Miszczyk Score is a Mediawiki extension which generates musical notation based on user-provided Lilypond or ABC markup. During our tests, we have determined it is vulnerable to remote code execution through Scheme code embedded in Lilypond markup. CVEID:...
by Justyna Thiede | 8 April 2020 | Blog-EN
Maciej Miszczyk QQBrowser is a web browser developed by Tencent. It is one of the most popular web browsers used in China. During our tests, we have found a vulnerability which allows an unprivileged local attacker to gain code execution as NT AUTHORITYSYSTEM....
by Anna Krukowska | 23 March 2020 | Blog-EN
Maciej Miszczyk Andy is an Android emulator for Windows and Mac. During our tests, we have found open local TCP ports which could be exploited to escalate privileges from user to root. CVEID: CVE-2019-14326 Name of the affected product(s) and version(s): Andy (all...
by Anna Krukowska | 24 February 2020 | Blog-EN, Newest post
Maciej Miszczyk Gurux GXDLMS Director is an open-source Windows program for interacting with energy meters through the use of DLMS/COSEM protocol. The software has a remote update functionality for add-in DLLs as well as for files containing OBIS codes...
