12 matches found
CVE-2024-23674
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identify for access to government, medical, and financial resources, and can also extract personal data from...
CVE-2024-23674
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identify for access to government, medical, and financial resources, and can also extract personal data from...
German National Identity card security breach
The German National Identity card is an authentication mechanism and carrier. A security vulnerability exists in the German National Identity card Online-Ausweis-Funktion eID that originates from allowing authentication to be bypassed through spoofing...
CVE-2024-23674
The CVE concerns The Online-Ausweis-Funktion eID scheme in the German National Identity Card (through 2024-02-15). A malevolent actor can perform authentication bypass via spoofing, enabling a network-based MITM to impersonate a victim for government, medical, and financial access and to extract ...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipsets from Qualcomm, an American company. The Qualcomm Chipsets have a security vulnerability that stems from a memory corruption issue in Network Stack and Connectivity when a SIM card is detected in a phone call...
Samsung mobile 日志信息泄露漏洞
Samsung Find My Mobile is an application to find a cell phone by the South Korean company Samsung Samsung. An information disclosure vulnerability exists in SimChangeAlertManger, a version prior to Samsung Find My Mobile 7.2.24.12. A local attacker with log access could exploit the vulnerability ...
Printable Staff Id Card Creator System 代码问题漏洞
Printable Staff Id Card Creator System is a small project by Patrick Mvuma personal developer. It is intended to be used by administrators of a company or organization to enroll new employees and create their ID cards and print them. Printable Staff ID Card Creator System has a code issue...
Singapore's Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen
Singapore's largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary...
Directory Traversal Vulnerability in Hiroshima Carsharing App Android Version
Hiroshima Car Sharing App is a car rental software. There is a directory traversal vulnerability in the Android version of Hongyang Shared Car APP, which can be exploited by an attacker to directly view and download sensitive information such as ID card, driver's license, db file, code...
Guizhou Provincial People's Hospital's Android App Has Override Access Vulnerability
Guizhou Provincial People's Hospital APP is a medical app for local people in Guizhou, making it easier and faster for people to see a doctor. Download Guizhou Provincial People's Hospital APP to utilize ID cards, visiting cards and other identification to get all the information about the visit,...
New windows malware can target smart cards for full remote access
If you think that having a USB Token Smartcard is extremely secure for Digital signatures or other activities, you may be wrong! The research done by Paul Rascagneres can remotely give access to victims smartcard! What makes the attack unique is it uses a keylogger to get the PIN or password and...
[SECURITY] Fedora 14 Update: opensc-0.11.13-6.fc14
OpenSC is a package for for accessing smart card devices. Basic functionality e.g. SELECT FILE, READ BINARY should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the smart card is possible with PKCS 15 compatible cards, such as the FINEID Finnish...