CVE-2023-53967

Affected product: Screen SFT DAB 600/C firmware 1.9.3. Vulnerability: authentication bypass via POST to userManager.cgx that allows changing the admin password using a crafted MD5-hashed password. Impact: potential unauthorized admin access; confidentiality at risk. Root cause: improper authentic...

CVE-2023-7328

Screen SFT DAB 600/C firmware versions up to and including 1.9.3 contain an improper access control on the user management API allows unauthenticated requests to retrieve structured user data, including account names and connection metadata such as client IP and timeout values...

CVE-2023-7328 Screen SFT DAB 600/C <= 1.9.3 Unauthenticated Information Disclosure

Screen SFT DAB 600/C firmware versions up to and including 1.9.3 contain an improper access control on the user management API allows unauthenticated requests to retrieve structured user data, including account names and connection metadata such as client IP and timeout values...

PT-2023-5280 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a logic error in the code of HostEmulationManager.java, specifically in the onHostEmulationData function. This error allows a general-purpose NFC reader to read the...

Input validation

In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input...

CVE-2016-1584

In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input...

CVE-2016-1584 Unity8 converged application lifecycle allows background applications to use on-screen keyboard when not top-most

In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input...