5 matches found
EUVD-2025-37709
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to access user-sensitive data...
CVE-2022-37709
Tesla Model 3 V11.02022.4.5.1 6b701552d7a6 Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to open a door and drive the car away by leveraging...
CVE-2022-37709
CVE-2022-37709 affects Tesla Model 3 with firmware v11.0 (2022.4.5.1 6b701552d7a6) and Tesla mobile app v4.23. The issue is an authentication bypass by spoofing in the Phone Key flow, combined with Bluetooth Low Energy (BLE) channel weaknesses that enable a man-in-the-middle attack. Attackers wit...
CVE-2021-37709 Insecure direct object reference of log files of the Import/Export feature
Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding securit...
CVE-2021-37709
Shopware’s CVE-2021-37709 affects the Import/Export log-file handling. Versions prior to 6.4.3.1 are vulnerable to an insecure direct object reference of log files. A patch is available in 6.4.3.1; for older 6.1–6.3 deployments, security measures via a plugin are provided as a workaround. The fla...