CVE-2022-33688

Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log...

EUVD-2024-33982

Malicious code in bioql PyPI...

CVE-2022-30741

Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log...

PT-2024-16714 · Sma · Sunny Central Sc 1760-Us +28

Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned in the provided descriptions. Description: An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected product's administration panel to gain read and...

How to lock out your ex-partner from your smart home

Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no doubt have many positive uses, smart home devices give stalkers an array of tools to keep an eye on their targets. If you are the partner that...

Command injection

Furbo dog camera has insufficient filtering for special parameter of device log management function. An unauthenticated remote attacker in the Bluetooth network with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands or...

CVE-2022-39893

Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log...

CVE-2022-39893

CVE-2022-39893 affects Samsung Galaxy Buds Pro Manager (FmmBaseModel) prior to version 4.1.22092751. The vulnerability allows a local attacker with log access permission to obtain device identifier data from device logs. Connected sources confirm the affected package and version, and the root cau...

CVE-2022-33697

CVE-2022-33697 corresponds to a local information-disclosure vulnerability in Samsung ImsCore, specifically ImsServiceSwitchBase, where IMSI can be exposed via device logs. Affected software: ImsCore prior to SMR Jul-2022 Release 1. Root cause: failure to protect sensitive information in logs; re...

CVE-2022-30741

Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log...

Information disclosure

Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log...

Emerson Smart Wireless Gateway 1420 4.6.59 Missing Authentication

Title: Missing access controls Product: Emerson Smart Wireless Gateway Vendor Homepage: http://emerson.com Vulnerable Version: 1420 4.6.59 CVE Number: CVE-2020-19419 Authors: Harsha Bhat, Anish Mitra and Unmesh Guragol Timeline: 2019-08-02 Disclosed to the vendor 2019-08-22 Vendor confirmed that...

Design/Logic Flaw

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious conten...

D-Link DI-704P - Syslog.HTM Denial of Service

source: https://www.securityfocus.com/bid/7686/info D-Link DI-704P has been reported prone to a remote denial of service vulnerability. The issue presents itself in a D-Link web interface page. It has been reported that when excessive is data passed URI parameter in a request for the vulnerable...