Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.4 views

CVE-2019-16242

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI...

7.2CVSS8AI score0.01123EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16241

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...

6.8CVSS7.1AI score0.00478EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.10 views

CVE-2019-16243

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. This web API is normally used by the system application...

6.1CVSS6.9AI score0.00746EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-7050

Malware in sbrugna...

6.1CVSS6.3AI score0.00746EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-7049

Malware in sbrugna...

7.2CVSS6.6AI score0.01123EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7048

Malware in sbrugna...

6.8CVSS6.6AI score0.00478EPSS
Exploits1References3
OSV
OSV
added 2019/11/26 4:15 p.m.3 views

CVE-2019-16242

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI...

6.8CVSS6.9AI score0.01123EPSS
Exploits1References2
NVD
NVD
added 2019/11/26 4:15 p.m.24 views

CVE-2019-16241

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...

6.8CVSS6.7AI score0.00478EPSS
Exploits1References2
NVD
NVD
added 2019/11/26 4:15 p.m.19 views

CVE-2019-16243

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. This web API is normally used by the system application...

6.1CVSS6.3AI score0.00746EPSS
Exploits1References2
Prion
Prion
added 2019/11/26 4:15 p.m.18 views

Command injection

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI...

7.2CVSS7.1AI score0.01123EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/11/26 4:15 p.m.19 views

Authentication flaw

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...

4.6CVSS6.7AI score0.00478EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/11/26 4:15 p.m.15 views

Code injection

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. This web API is normally used by the system application...

4.3CVSS6.2AI score0.00746EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/11/26 3:33 p.m.25 views

CVE-2019-16241

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...

6.7AI score0.00478EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/11/26 3:31 p.m.20 views

CVE-2019-16243

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. This web API is normally used by the system application...

6.3AI score0.00746EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/11/26 3:30 p.m.24 views

CVE-2019-16242

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI...

7.2AI score0.01123EPSS
Exploits1References2
Rows per page
Query Builder