9 matches found
EUVD-2022-48501
Malicious code in bioql PyPI...
EUVD-2022-48498
Malicious code in bioql PyPI...
CVE-2022-45634
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for iOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information...
CVE-2022-45634
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for iOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information...
CVE-2022-45636
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for iOS & Android v1.4.4 allows attacker to unlock models without authorization via arbitrary API requests...
CVE-2022-45637
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for iOS & Android v1.4.4 service via insecure expiry mechanism...
CVE-2022-45636
MEGAFEIS DBD+ mobile app (iOS/Android) version 1.4.4 is affected by CVE-2022-45636 due to an insecure authorization scheme for API requests that allows an attacker to unlock models without authorization via arbitrary API calls. The issue targets the DBD+ backend endpoints used by the Megafeis sma...
CVE-2022-45636
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for iOS & Android v1.4.4 allows attacker to unlock models without authorization via arbitrary API requests...
CVE-2022-45635
MEGAFEIS DBD+ mobile app for iOS/Android v1.4.4 is affected by CVE-2022-45635. The issue is due to an insecure password policy and lack of rate limiting on the Megafeis back-end API, enabling exposure of sensitive account information. A PoC/exploit exists (WithSecure megafeis-palm repository) and...