Vendor
MEGAFEIS
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 4 CVEs
- 0 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-45637 | Cri | 0.64 | 9.8 | 0.01 | Mar 21, 2023 | An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism. | ||
| CVE-2022-45636 | Hig | 0.53 | 8.1 | 0.01 | Mar 21, 2023 | An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to unlock model(s) without authorization via arbitrary API requests. | ||
| CVE-2022-45635 | Hig | 0.49 | 7.5 | 0.01 | Mar 21, 2023 | An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy. | ||
| CVE-2022-45634 | Med | 0.28 | 4.3 | 0.01 | Mar 22, 2023 | An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information |
- risk 0.64cvss 9.8epss 0.01
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism.
- risk 0.53cvss 8.1epss 0.01
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to unlock model(s) without authorization via arbitrary API requests.
- risk 0.49cvss 7.5epss 0.01
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy.
- risk 0.28cvss 4.3epss 0.01
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information