CVE-2022-41594 The phones have the fingerprint vulnerability. Successful exploitation may affect the fingerprint service.
A local attacker may access and control the smart phone or read personal data from it.
Vulnerabilities Scoring System
The Vulnerabilities Scoring System (VSS) is
CVE-2022-41586 The communication framework has a vulnerability of not properly truncating data. This may impact data confidentiality.
This vulnerability may lead to the disclosure of sensitive information, e.g. database log information.
It has been reported that the web interface of the
CVE-2022-42070 The BCSMS v1.0 is vulnerable to CSRF.
CSRF is a type of attack where an attacker tricks a website into executing unwanted actions on the user's behalf. This can be
CVE-2022-41535 The Open Source SACCO Management System v1.0 has a SQL injection vulnerability via the id parameter.
The code of this vulnerable management endpoint is as follows.
/sacco_shield/manage_borrower.php?id=1 The id parameter is used to assign an
CVE-2022-41482 An exploit in the Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was found that had a buffer overflow.
An attacker can exploit this vulnerability by sending a specially crafted request to the 0x47c5dc function. It is advised to update Tenda AC1200 US_AC6V2.
Episode
00:00:00
00:00:00