DRUPAL-CONTRIB-2026-039

This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview. The module doesn't sufficiently restrict access to a view of Service Contacts at which...

PT-2026-46112

This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview. The module doesn't sufficiently restrict access to a view of Service Contacts at which...

CVE-2026-38532

A Broken Object-Level Authorization BOLA in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request...

CVE-2025-43408

This CVE affects macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, and macOS Tahoe 26.1. Root cause: an under‑restricted lock device option allowed a physically present attacker to access contacts from the lock screen. The issue is fixed in the listed updates. Remediation: upgrade to macOS Sonoma 14.8.2...

CVE-2024-44139

The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen...

PT-2024-31013 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18 iPadOS versions prior to 18 Description: The issue allows an attacker with physical access to potentially access contacts from the lock screen due to inadequate checks. Recommendations: For iOS versions prior to 18,...

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.5 and iPadOS version 17.5, which originates from the possibility...

PT-2024-4832 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.5 iPadOS versions prior to 17.5 Description: The issue allows an attacker with physical access to potentially access contacts from the lock screen due to a lack of protection for certain data. This is related to the...

PT-2023-23781 · Apple · Watchos +1

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 9.5 Description: This issue allows an attacker with physical access to a locked Apple Watch to potentially view user photos or contacts via accessibility features. The issue was addressed by restricting options offer...

PT-2023-19024 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.7.4 iOS versions prior to 16.4 iPadOS versions prior to 15.7.4 iPadOS versions prior to 16.4 Description: A privacy issue was addressed with improved private data redaction for log entries. An app may be able to acces...

SAMSUNG Group Sharing 安全漏洞

SAMSUNG Group Sharing is a basic application from Samsung South Korea that is installed on Samsung Galaxy devices. A security vulnerability exists in SAMSUNG Group Sharing versions prior to 10.8.03.2, which can be exploited by an attacker to access contact information...

CVE-2021-30956

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private contact information...

PT-2021-18933 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.1 iPadOS versions prior to 15.1 Description: A lock screen issue allowed unauthorized access to contacts on a locked device. This was possible due to inadequate state management. A local attacker could potentially vie...

Apple iOS 信息泄露漏洞

Apple iOS is a set of operating systems developed by Apple Inc. for mobile devices. Apple iOS 15.1 and iPadOS 15.1 previously contained an information disclosure vulnerability that could be exploited by a local attacker to view contacts by locking the screen...

PT-2021-18999 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.2 iPadOS versions prior to 15.2 Description: A lock screen issue allowed unauthorized access to contacts on a locked device. This was possible due to inadequate state management. An attacker with physical access to th...

CVE-2019-15059

In Liberty lisPBX 2.0-4, configuration backup files can be retrieved remotely from /backup/lispbx-CONF-YYYY-MM-DD.tar or /backup/lispbx-CDR-YYYY-MM-DD.tar without authentication or authorization. These configuration files have all PBX information including extension numbers, contacts, and passwor...

CVE-2021-0304

In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with User execution privileges needed. User interaction is not needed for exploitation. Product: Android;...

New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1

It's only been a few hours since Apple releases iOS 12.1 and an iPhone enthusiast has managed to find a passcode bypass hack, once again, that could allow anyone to see all contacts' private information on a locked iPhone. Jose Rodriguez, a Spanish security researcher, contacted The Hacker News a...