EUVD-2022-30477

Malicious code in bioql PyPI...

EUVD-2022-35333

Malicious code in bioql PyPI...

EUVD-2025-23007

Malicious code in bioql PyPI...

EUVD-2022-29556

Malicious code in bioql PyPI...

EUVD-2021-29097

Malicious code in bioql PyPI...

EUVD-2024-54615

Malicious code in bioql PyPI...

The vulnerability of the formiNICWpsStart() function (/goform/formiNICWpsStar) in the wireless range extender software from Belkin (model F9K1122) allows a intruder to trigger a service failure.

The vulnerability of the formiNICWpsStart function /goform/formiNICWpsStar of the Belkin F9K1122 Wi-Fi range extender software is related to reading data beyond the buffer boundaries in memory when processing the pinCode parameter. Exploiting this vulnerability could allow a malicious actor to...

CVE-2025-7085

A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. This issue affects the function formiNICWpsStart of the file /goform/formiNICWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack may be initiat...

CVE-2025-7084

A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. This vulnerability affects the function formWpsStart of the file /goform/formWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack can be...

Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN

Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is as follows -...

CVE-2024-13917

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data. Exposed ”com.pri.applock.LockUI“ activity allows any other malicious application, with no granted Android system...

PT-2025-23311 · Unknown · Com.Pri.Applock

Name of the Vulnerable Software and Affected Versions: com.pri.applock version 13 version code: 33 com.pri.applock affected versions not specified Description: The application "com.pri.applock" allows users to encrypt applications using a PIN code or biometric data. However, the...

CVE-2023-33092

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size...

CVE-2022-24689

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control. This allows a remote attacker to access account information pages including personal data without being authenticated. The collected information includes the badge numbers that operate as user login...

CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

CVE-2020-0148

In btuhcifpincoderequestevt, btuhciflinkkeyrequestevt, and btuhciflinkkeynotificationevt of btuhcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. Us...

CVE-2020-27747

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

CVE-2019-17202

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

CVE-2024-26131

Element Android is an Android Matrix Client. Element Android version 1.4.3 through 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activity by passing some extra parameters. Possible impact includes making Element Android display an...

CVE-2024-41276

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...