EUVD-2022-42351

Malicious code in bioql PyPI...

EUVD-2022-42341

Malicious code in bioql PyPI...

CVE-2022-41984

Protection mechanism failure for some IntelR ArcTM graphics cards A770 and A750 Limited Edition sold between October of 2022 and December of 2022 may allow a privileged user to potentially enable denial of service via local access...

CVE-2022-42878

CVE-2022-42878 affects Intel® Trace Analyzer and Collector software prior to 2021.8.0 (and related Intel HPC Toolkit components). Root cause is a null pointer dereference that could allow an authenticated local user to disclose information. Exploitation details are not provided in the supplied do...

CVE-2023-23910

Out-of-bounds write for some IntelR Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access...

CVE-2023-23569

Stack-based buffer overflow for some IntelR Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access...

americanmusclehunks.com Cross Site Scripting vulnerability OBB-3118631

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

HP PC BIOS December 2022 Security Update (TOCTOU)

A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in the BIOS for certain HP PC products which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability. HP has identifi...

rental-car-sales.com Cross Site Scripting vulnerability OBB-3095353

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-39906

Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information...

CVE-2022-39904

Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log...

CVE-2022-39898

Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim...

CVE-2022-39897

Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log...

CVE-2022-39901

Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB...

CVE-2022-39903

Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number...

CVE-2022-39905

Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent...

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVE-2022-39894

Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent...

Improper access control

Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch...

Information disclosure

Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log...