CVE-2022-41378 The App v1.0 had a SQL injection vulnerability at /pet_shop/admin/?page=inventory/manage_inventory.
This can be exploited by entering specific sequences of characters that will execute SQL statements in the database. In most cases, the goal of an
CVE-2022-39847 The set_nft_pid and signal_handler function of the NFC driver had an after free vulnerability that allows attackers to perform malicious actions.
CVE-2018-4307 was assigned by Red Hat. It allows local attackers to cause denial-of-service (device crash). Exploiting this vulnerability on a remote device requires user interaction.
CVE-2022-39855 FACM application has an access control vulnerability that allows a local attacker to connect arbitrary AP and Bluetooth devices.
This vulnerability is due to the weakness in the authentication process. An attacker can easily connect to a device and activate it remotely. Depending on
CVE-2022-39862 In-app browser api was compromised in Dynamic Lockscreen prior to SMR Sep-2022 release.
This occurs when the user locks the screen of his device and navigates to any website with javascript enabled. In the above scenario, the user
CVE-2022-41517 An overflow was found in the setLanguageCfg function of TOTOLINK NR1800X V9.1.0u.6279_B20210910.
allowing for remote code execution. The advisory was discovered by the researchers from Google Project Zero and was responsibly disclosed to the vendor. The advisory
Episode
00:00:00
00:00:00