PT-2026-46178

Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links...

Elemental Path's CogniToys Dino Information Disclosure Vulnerability (CNVD-2018-00676)

Elemental Path's CogniToys Dino is a smart toy from Elemental Path's in the United States that is capable of voice communication with children. Elemental Path's CogniToys Dino using firmware version 0.0.794 and earlier suffers from a security vulnerability that stems from the program's use of a...