βΌ CVE-2022-41580 βΌ
π Read
via "National Vulnerability Database".
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41593 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41592 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41584 βΌ
π Read
via "National Vulnerability Database".
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38986 βΌ
π Read
via "National Vulnerability Database".
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42234 βΌ
π Read
via "National Vulnerability Database".
There is a file inclusion vulnerability in the template management module in UCMS 1.6π Read
via "National Vulnerability Database".
βΌ CVE-2022-41603 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42067 βΌ
π Read
via "National Vulnerability Database".
Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2022-41601 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42232 βΌ
π Read
via "National Vulnerability Database".
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38977 βΌ
π Read
via "National Vulnerability Database".
The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46840 βΌ
π Read
via "National Vulnerability Database".
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3479 βΌ
π Read
via "National Vulnerability Database".
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41602 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41598 βΌ
π Read
via "National Vulnerability Database".
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37603 βΌ
π Read
via "National Vulnerability Database".
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.π Read
via "National Vulnerability Database".
βΌ CVE-2022-39064 βΌ
π Read
via "National Vulnerability Database".
An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRΓβ¦DFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness level. After this attack, all lights are on with full brightness, and a user cannot control the bulbs with either the IKEA Home Smart app or the TRΓβ¦DFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score 7.1 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:Hπ Read
via "National Vulnerability Database".
βΌ CVE-2022-38998 βΌ
π Read
via "National Vulnerability Database".
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41589 βΌ
π Read
via "National Vulnerability Database".
The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling.Successful exploitation of this vulnerability affects system services and device availability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38983 βΌ
π Read
via "National Vulnerability Database".
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.π Read
via "National Vulnerability Database".
π΄ Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows π΄
π Read
via "Dark Reading".
The authentication bypass flaw in FortiOS, FortiProxy, and FortiSwitch Manager is easy to find and exploit, security experts say.π Read
via "Dark Reading".
Dark Reading
Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows
The authentication bypass flaw in FortiOS, FortiProxy and FortiSwitchManager is easy to find and exploit, security experts say.