Tag: CVE

  • Privilege escalation from user operator to System administrator

    CVE 2022-38351 Product & Service Introduction: BioStar 2 is a web-based, open, and integrated security platform that provides comprehensive functionality for access control, time & attendance management, visitor management, and video log maintenance. It encrypts all personal data available and supports both SDKs and web APIs to integrate BioStar 2 with third-party software. In addition, […]

  • PII Exposure On Oracle E-Business Suite

    Summary: CVE-2022-21567 On 23 May 2022 I discovered and reported a security issue on one of Oracle Products “Oracle E-Business Suite” the vulnerability has been patched on the latest version Oracle security team recommend using the latest version. Technical Description: PII Exposure was found on “Oracle E-Business Suite” The issue allows an authenticated attacker to […]