220 matches found
CVE-2022-32913
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
UBUNTU-CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...
CVE-2022-38473
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...
Citilog 安全漏洞
Citilog is a video analytics and artificial intelligence application for traffic management solutions from Citilog. A security vulnerability exists in Citilog version 8.0 that stems from the presence of an authentication degradation issue. An attacker could exploit the vulnerability to achieve HT...
CVE-2022-30717
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink...
PT-2022-20254 · Samsung · Ar Emoji
Name of the Vulnerable Software and Affected Versions: AR Emoji versions prior to SMR Jun-2022 Release 1 Description: The issue is related to an improper caller check in AR Emoji, which allows untrusted applications to use some camera functions via deeplink. Recommendations: For AR Emoji versions...
CVE-2022-22598
An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access...
CVE-2022-22598
An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access...
Information disclosure
An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access...
Apple Pays $100.5K Bug Bounty for Mac Webcam Hack
A researcher who showed Apple how its webcams can be hijacked via a universal cross-site scripting bug UXSS Safari bug has been awarded what is reportedly a record $100,500 bug bounty. The bug could be used by an adversary as part of an attack to gain full access to every website ever visited by...
Apple Lawsuit Amps Up Pressure on Pegasus Spyware-Maker
In the wake of a zero-click zero-day exploit that was deployed against iPhone users, Apple has filed a lawsuit against NSO Group. The complaint alleges that the maker of the infamous Pegasus mobile spyware is responsible for the illegal surveillance of Apple users. The computing giant is looking...