83 matches found
CVE-2022-36866
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
CVE-2022-36866
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
Information disclosure
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log...
CVE-2022-36877
Samsung Members before 4.3.00.11 (Global) and before 14.0.02.4 (China) expose sensitive information in FaqSymptomCardViewModel via logs, enabling local attackers to access device identification. The issue is confirmed across multiple sources (including PT-2022-23681) with a local attack vector an...
CVE-2022-36877
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log...
The vulnerabilities of the web server of the microprogramming software for communication modules CP-8000 MASTER MODULE WITH I/O, CP-8021 MASTER MODULE (6MF2802-1AA00), CP-8022 MASTER MODULE WITH GPRS (6MF2802-2AA00) allow attackers to identify the devices used in the network.
The vulnerability of web-servers of microprogramming software for communication modules, such as CP-8000 MASTER MODULE WITH I/O, CP-8021 MASTER MODULE 6MF2802-1AA00, and CP-8022 MASTER MODULE WITH GPRS 6MF2802-2AA00, is related to deficiencies in access control. Exploiting these vulnerabilities...
CVE-2022-33707
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device...
CVE-2022-33707
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device...
CVE-2022-33707
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device...
CVE-2022-33707
CVE-2022-33707 affects Samsung Find My Mobile before version 7.2.24.12. The vulnerability stems from improper identifier creation logic, enabling an attacker to identify a target device. The issue is documented across multiple feeds (NVD, Red Hat, CNVD, CVE records) with the same description. No ...
HUAWEI HarmonyOS 安全漏洞
HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. An authorization issue vulnerability exists in the HUAWEI HarmonyOS kernel, which stems from improper control of permissions in the...
Your Graphics Card Fingerprint Can Be Used to Track Your Activities Across the Web
Researchers have demonstrated a new type of fingerprinting technique that exploits a machine's graphics processing unit GPU as a means to persistently track users across the web. Dubbed DrawnApart, the method "identifies a device from the unique properties of its GPU stack," researchers from...
The vulnerability of the microprogrammed Ethernet module software WISE-4060 and Adam-6050 D, due to insufficient validation of input data, allows attackers to identify the devices used in the network.
The vulnerability of the microprogrammed Ethernet module WISE-4060 and Adam-6050 D lies in insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to identify the devices used in the network through a specially crafted network packet...
Akamai + Fingerbank: How an open source community can transform security
Isn't it amazing how seemingly simple decisions can have far-reaching effects? When the Inverse team in Montreal took over PacketFence in 2008, it was an open source OS solution. They recognized the inherent value in keeping it as such. In so doing, they didn't just launch a product--they created...
CVE-2020-0331
In Settings, there is a possible permissions bypass. This could lead to local information disclosure of the device's IMEI with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147309310...
KITT-Lite
This is an offensive tool for wireless network exploitation. It is a collection of scripts and tools for various wireless-related tasks, including wireless network scanning, device identification, and password cracking. The toolset includes scripts for tasks such as: Wireless network scanning usi...
CVE-2020-12859
The CVE concerns COVIDSafe’s OpenTrace/BlueTrace protocol (up to v1.0.17). Unnecessary fields in the protocol payload allow a remote attacker to identify a device model by observing cleartext data, enabling re-identification of devices, particularly for less common phone models or in low-density ...
Bluetooth Flaws Could Allow Global Tracking of Apple, Windows 10 Devices
Vulnerabilities in the way Bluetooth Low Energy is implemented on devices by manufacturers can open the door to global device tracking for the Windows 10, iOS and macOS devices that incorporate it, according to research from Boston University. An academic team at BU uncovered the flaws, which exi...
PcapXray v2.5 - A Network Forensics Tool To Visualize A Packet Capture Offline As A Network Diagram
PcapXray is a Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot a network diagram displaying hosts in the network,...
Google Android Information Disclosure Vulnerability (CNVD-2025-00305)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. There is a security vulnerability in Android. An attacker can use this vulnerability to bypass privilege detection with the help of WiFi broadcasting and disclose information abou...