64 matches found
EUVD-2022-25023
Malicious code in bioql PyPI...
EUVD-2022-25020
Malicious code in bioql PyPI...
EUVD-2022-25022
Malicious code in bioql PyPI...
EUVD-2022-25024
Malicious code in bioql PyPI...
EUVD-2022-25021
Malicious code in bioql PyPI...
The vulnerability of the authentication mechanism for voting sessions in the software of the ImageCast X device for marking ballots allows a perpetrator to obtain an arbitrary number of ballots without authorization.
The vulnerability of the authentication mechanism for voting sessions in the ImageCast X device’s voting software is related to a lack of a mechanism for verifying the source of data. Exploiting this vulnerability could allow an intruder to obtain any number of ballots without being authorized...
The vulnerability of the software terminal emulator for the ImageCast X device, which allows a violator to increase their privileges
The vulnerability of the software terminal emulator for the ImageCast X labeling device is related to the presence of undocumented commands. Exploiting this vulnerability can allow an attacker to gain increased privileges...
CVE-2022-1747
The authentication mechanism used by voters to activate a voting session on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization...
CVE-2022-1742
The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code...
CVE-2022-1745
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actio...
CVE-2022-1739
The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the manufacturer to...
CVE-2022-1740
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
CVE-2022-1739
The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the manufacturer to...
CVE-2022-1740
The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device...
CVE-2022-1741
The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code...
CVE-2022-1742
The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code...
CVE-2022-1743
The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS...
CVE-2022-1744
Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code...
CVE-2022-1745
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actio...
Authorization
The authentication mechanism used by voters to activate a voting session on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization...