CVE-2025-3652

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...

CVE-2025-3652

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...

CVE-2025-3652

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...

Petlibro Smart Pet Feeder Platform 安全漏洞

Petlibro Smart Pet Feeder Platform is a smart pet management system from Petlibro. A security vulnerability exists in Petlibro Smart Pet Feeder Platform version 1.7.31 and earlier, which stems from a sequential audio ID and an insecurely assigned endpoint that could lead to unauthorized access to...

CVE-2025-3652 Petlibro Smart Pet Feeder Platform through 1.7.31 Audio Information Disclosure via API endpoint

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...

CVE-2025-3652

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 are affected by an information disclosure vulnerability. The issue arises from a flaw in using sequential audio IDs with an insecure assignment endpoint at the API path /device/deviceAudio/use, which allows an attacker to assign audio recor...

PT-2026-1180

Name of the Vulnerable Software and Affected Versions Petlibro Smart Pet Feeder Platform versions up to 1.7.31 Description The Petlibro Smart Pet Feeder Platform is affected by an information disclosure issue. This allows unauthorized access to private audio recordings. The issue stems from...

CVE-2025-30127

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings containing sensitive routes, conversations, and footage are open for downloading by creating a socket to command port 7777, and then...

Customer’s Use of Flawed 3rd-Party Tool Exposes 12K Twilio Call Records, Recordings

A hacker has leaked 12,000 alleged Twilio call records, including phone numbers and audio recordings. The breach exposes…...

Apple Updates Privacy Policies After Siri Audio Recording Backlash

Apple is taking steps to improve the privacy of audio collected by its Siri voice assistant, on the heels of backlash around a program that let contractors listen into Siri conversations. On Wednesday, the phone giant apologized for violating users’ privacy through the program, which was...

Google Home Captures Porn and More, Unbeknownst to Users

Google Home smart speakers and the Google Assistant virtual assistant have been caught eavesdropping without permission — capturing and recording highly personal audio of domestic violence, confidential business calls — and even some users asking their smart speakers to play porn on their connect...

Amazon sent 1,700 audio recordings of Alexa user to a stranger

By Waqas An Amazon customer in Germany under the European Union data protection law called GDPR General Data Protection Regulation requested the company to send all the data it stored on him but little did he know he was about to get his hands on a trove of 1,700 audio recordings of a stranger...

Phishing Spy Campaign Targets Top Mideast Officials

Researchers have discovered a phishing campaign that infected Android devices with custom surveillance-ware bent on extracting data from top officials, primarily in the Middle East. Researchers at Lookout Security told Threatpost that the tool, dubbed Stealth Mango, has been used to collect over ...

Eavesdropper Vulnerability Exposes Mobile Call, Text Data

UPDATE Mobile app developers who code using the Twilio cloud-based platform and are forgetful about removing their hardcoded credentials have put businesses messaging data at risk for exposure. The so-called Eavesdropper vulnerability, disclosed today by Appthority, has been around since 2011 and...

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power...

Trio of Flaws Fixed in Facebook Android App

Facebook has fixed a vulnerability in its Android app could allow an attacker to cause a denial-of-service condition on a device or run up the victim’s mobile bill by transferring large amounts of data to and from the device. The flaw lies in the way that the Facebook app handles HTTP requests. T...

Facebook For Android Information Disclosure / Open Proxy

Security advisory of Programa STIC at Fundación Dr. Manuel Sadosky www.fundacionsadosky.org.ar Vulnerabilities in Facebook and Facebook Messenger for Android 1. Advisory Information Title: Vulnerabilities in Facebook and Facebook Messenger for Android Advisory ID: STIC-2014-0529 Advisory URL:...

Sonexis ConferenceManager Information Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard Security Advisory - Sonexis ConferenceManager - 20120201 POSTING NOTICE If you intend to post this advisory on your web page please create a link back to the original Netragard advisory as the contents of the advisory may change. For more...

CVE-2011-2786

Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element...

CVE-2011-2786

Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element...