βΌ CVE-2022-41594 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41578 βΌ
π Read
via "National Vulnerability Database".
The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.π Read
via "National Vulnerability Database".
βΌ CVE-2022-20397 βΌ
π Read
via "National Vulnerability Database".
In SitRilClient_OnResponse of SitRilSe.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223086933References: N/Aπ Read
via "National Vulnerability Database".
βΌ CVE-2022-41583 βΌ
π Read
via "National Vulnerability Database".
The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41580 βΌ
π Read
via "National Vulnerability Database".
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41593 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41592 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41584 βΌ
π Read
via "National Vulnerability Database".
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38986 βΌ
π Read
via "National Vulnerability Database".
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42234 βΌ
π Read
via "National Vulnerability Database".
There is a file inclusion vulnerability in the template management module in UCMS 1.6π Read
via "National Vulnerability Database".
βΌ CVE-2022-41603 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42067 βΌ
π Read
via "National Vulnerability Database".
Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2022-41601 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42232 βΌ
π Read
via "National Vulnerability Database".
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38977 βΌ
π Read
via "National Vulnerability Database".
The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46840 βΌ
π Read
via "National Vulnerability Database".
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3479 βΌ
π Read
via "National Vulnerability Database".
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41602 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41598 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37603 βΌ
π Read
via "National Vulnerability Database".
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.π Read
via "National Vulnerability Database".
βΌ CVE-2022-39064 βΌ
π Read
via "National Vulnerability Database".
An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRΓβ¦DFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness level. After this attack, all lights are on with full brightness, and a user cannot control the bulbs with either the IKEA Home Smart app or the TRΓβ¦DFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score 7.1 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:Hπ Read
via "National Vulnerability Database".