CVE-2022-25820

A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password...

Default credentials

A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password...

CVE-2022-25820

A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password...

CVE-2022-25820

CVE-2022-25820 concerns Samsung’s fingerprint matching algorithm, with a vulnerable design present before SMR Mar-2022 Release 1. It enables a physical attacker to brute-force a screen-lock password. The issue is linked to local access and high confidentiality impact per CVSS 3.1 metrics. A fix i...

Design/Logic Flaw

In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given...

Xiongmai IP Cameras, NVRs and DVRs incl. 3rd party OEM devices Design Vulnerabilities

Hangzhou Xiongmai Information Technology Co., Ltd. specializes in security monitoring, video intelligence research and development. Xiongmai IP Cameras, NVRs and DVRs incl. 3rd party OEM devices have a design vulnerability where an attacker may be able to enumerate a potential cloud ID using a MA...