Lucene search
K

220 matches found

Malwarebytes
Malwarebytes
added 2026/04/16 12:40 p.m.8 views

Browser Guard gets even better with Access Control

Have you ever been on a website when a pop-up suddenly asked for access to your camera, microphone, location, or notifications? Whether you clicked “allow,” dismissed it, or just wondered why it appeared, those permission requests aren’t always harmless. Some sites can abuse those permissions. Wi...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/03/26 5:6 p.m.21 views

CVE-2026-33470 Frigate has cross-camera snapshot disclosure via unrestricted timeline IDs and missing authorization in /api/events/{event_id}/snapshot-clean.webp

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In version 0.17.0, a low-privilege authenticated user restricted to one camera can access snapshots from other cameras. This is possible through a chain of two authorization problems: /api/timeline return...

6.5CVSS0.00305EPSS
Exploits1References1
OSV
OSV
added 2026/03/26 5:6 p.m.5 views

CVE-2026-33470 Frigate has cross-camera snapshot disclosure via unrestricted timeline IDs and missing authorization in /api/events/{event_id}/snapshot-clean.webp

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In version 0.17.0, a low-privilege authenticated user restricted to one camera can access snapshots from other cameras. This is possible through a chain of two authorization problems: /api/timeline return...

6.5CVSS5.9AI score0.00305EPSS
Exploits1References3
Malwarebytes
Malwarebytes
added 2026/03/03 12:10 p.m.9 views

Chrome flaw let extensions hijack Gemini’s camera, mic, and file access

Chrome’s Gemini “Live in Chrome” panel Gemini’s embedded, agent-style assistant mode within Chrome had a high‑severity vulnerability tracked as CVE‑2026‑0628. The flaw let a low‑privilege extension inject code into the Gemini side panel and inherit its powerful capabilities, including local file...

8.8CVSS6AI score0.06545EPSS
Exploits2
ICS
ICS
added 2026/02/17 7:0 a.m.10 views

Honeywell HIB2PI CCTV Camera (Update B)

RISK EVALUATION Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially leading to further network compromise. 2. RECOMMENDED PRACTICES CISA recommends...

9.8CVSS7.5AI score0.00833EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.5 views

CVE-2020-24003

Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process with the user's privileges to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access...

3.3CVSS6.4AI score0.01164EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/06 5:7 p.m.4 views

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

8.8CVSS6.8AI score0.00401EPSS
Exploits0References1
NVD
NVD
added 2026/01/05 5:15 p.m.5 views

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

8.8CVSS0.00401EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/05 4:47 p.m.4 views

EUVD-2026-0828

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

8.8CVSS6.2AI score0.00401EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/05 4:47 p.m.28 views

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

8.8CVSS0.00401EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/05 4:47 p.m.6 views

CVE-2026-21633

A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi Protect Camera by exploiting a discovery protocol vulnerability in the Unifi Protect Application Version 6.1.79 and earlier. Affected Products: UniFi Protect Application Version 6.1.79 and earlier...

8.8CVSS6.4AI score0.00401EPSS
Exploits0References1
NVD
NVD
added 2026/01/04 12:15 a.m.7 views

CVE-2025-3653

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulnerability that allows unauthorized device manipulation by accepting arbitrary serial numbers without ownership verification. Attackers can control any device by sending serial numbers to device contro...

9.8CVSS0.00216EPSS
Exploits0References2
CVE
CVE
added 2025/11/06 10:15 p.m.38 views

CVE-2025-12636

The CVE-2025-12636 affects Ubia/NVR Ubia camera ecosystem (notably Ubia Ubox). Root cause: insufficient protection of API credentials, enabling an attacker to connect to backend services. Impact (per sources): unauthorized access to cameras, allowing viewing live feeds and potential modification ...

7.1CVSS6.7AI score0.0025EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/05 2:14 a.m.5 views

CVE-2025-43450

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access...

7.5CVSS5.7AI score0.00367EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 2:15 a.m.6 views

CVE-2025-43450

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access...

7.5CVSS0.00367EPSS
Exploits0References2
OSV
OSV
added 2025/11/04 2:15 a.m.3 views

CVE-2025-43450

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access...

7.5CVSS5.8AI score0.00367EPSS
Exploits0References2
CVE
CVE
added 2025/11/04 1:17 a.m.13 views

CVE-2025-43450

CVE-2025-43450 describes a logic issue in Apple iOS/iPadOS where an app may learn information about the current camera view before being granted camera access. The issue is fixed in iOS 18.7.2 / iPadOS 18.7.2 and in iOS 26.1 / iPadOS 26.1. Affected products: iPhone XS and later, iPad Pro models, ...

7.5CVSS5.2AI score0.00367EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2025/11/04 1:17 a.m.3 views

CVE-2025-43450

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access...

5.2AI score0.00367EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/04 1:17 a.m.7 views

CVE-2025-43450

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access...

0.00367EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.6 views

PT-2025-44884

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to learn information about the current camera view before being granted camera access...

7.5CVSS5.8AI score0.00367EPSS
Exploits0References3
Rows per page
Query Builder