Lucene search
K

220 matches found

Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.9 views

CVE-2022-32913

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera...

5.6AI score0.00281EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/08/24 9:43 p.m.5 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 7:12 p.m.6 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 7:7 p.m.5 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 6:48 p.m.4 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 6:45 p.m.3 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 6:35 p.m.8 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 5:41 p.m.11 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 5:25 p.m.9 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/08/24 5:19 p.m.4 views

Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS7.2AI score0.00684EPSS
Exploits0References5
OSV
OSV
added 2022/08/24 12:0 a.m.7 views

UBUNTU-CVE-2022-38473

A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...

8.8CVSS7.1AI score0.00684EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/08/23 2:11 p.m.101 views

CVE-2022-38473

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a cross-origin iframe referencing an XSLT document inheriting the parent domain's permissions such as microphone or camera access...

8.8CVSS2AI score0.00684EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/21 12:0 a.m.3 views

Citilog 安全漏洞

Citilog is a video analytics and artificial intelligence application for traffic management solutions from Citilog. A security vulnerability exists in Citilog version 8.0 that stems from the presence of an authentication degradation issue. An attacker could exploit the vulnerability to achieve HT...

5.9CVSS6.1AI score0.00689EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/06/07 6:15 p.m.2 views

CVE-2022-30717

Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink...

7.5CVSS5.8AI score0.00194EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/06/07 12:0 a.m.3 views

PT-2022-20254 · Samsung · Ar Emoji

Name of the Vulnerable Software and Affected Versions: AR Emoji versions prior to SMR Jun-2022 Release 1 Description: The issue is related to an improper caller check in AR Emoji, which allows untrusted applications to use some camera functions via deeplink. Recommendations: For AR Emoji versions...

7.5CVSS7.4AI score0.00194EPSS
Exploits0References3
NVD
NVD
added 2022/03/18 6:15 p.m.28 views

CVE-2022-22598

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access...

3.3CVSS0.00279EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/18 6:15 p.m.6 views

CVE-2022-22598

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access...

3.3CVSS5.8AI score0.00279EPSS
Exploits0References2
Prion
Prion
added 2022/03/18 6:15 p.m.22 views

Information disclosure

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access...

2.1CVSS3.7AI score0.00279EPSS
Exploits0References1Affected Software2
ThreatPost
ThreatPost
added 2022/01/31 6:18 p.m.44 views

Apple Pays $100.5K Bug Bounty for Mac Webcam Hack

A researcher who showed Apple how its webcams can be hijacked via a universal cross-site scripting bug UXSS Safari bug has been awarded what is reportedly a record $100,500 bug bounty. The bug could be used by an adversary as part of an attack to gain full access to every website ever visited by...

8.6CVSS7.5AI score0.01801EPSS
Exploits0References18
ThreatPost
ThreatPost
added 2021/11/24 3:55 p.m.43 views

Apple Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

In the wake of a zero-click zero-day exploit that was deployed against iPhone users, Apple has filed a lawsuit against NSO Group. The complaint alleges that the maker of the infamous Pegasus mobile spyware is responsible for the illegal surveillance of Apple users. The computing giant is looking...

7.1AI score
Exploits0References14
Rows per page
Query Builder