Apple Live Caller ID Privacy Concerns

Apple's oblivious HTTP relay for Live Caller ID Lookup iOS 18+ routes traffic through 14 third-party endpoints across six countries. These include an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint Yandex, and a Swiss GmbH whose privacy policy names "The Legal Entity to be...

CVE-2026-2954

A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a manipulation of the argument driverClassName/url results in injection. It is possible to initiate th...

CVE-2026-2954 Dromara UJCMS ImportDataController import-channel importChanel injection

A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a manipulation of the argument driverClassName/url results in injection. It is possible to initiate th...

CVE-2026-2954

Dromara UJCMS 10.0.2 is affected in the ImportDataController.importChanel (file /api/backend/ext/import-data/import-channel). The root cause is injection via manipulation of the arguments driverClassName and url, enabling remote exploitation. Public exploit details exist. Red Hat and PT-Security ...

PT-2026-21455

Name of the Vulnerable Software and Affected Versions Dromara UJCMS version 10.0.2 Description A flaw exists in Dromara UJCMS version 10.0.2 within the ImportDataController component. Specifically, the importChanel function, located in the file /api/backend/ext/import-data/import-channel, is...

PT-2025-53714

Name of the Vulnerable Software and Affected Versions GreenCMS versions prior to 2.3 Description A flaw exists in GreenCMS up to version 2.3 within the File Handler component, specifically in the /DataController.class.php file. Manipulation of the sqlFiles/zipFiles argument can lead to path...

EUVD-2016-5489

Malware in sbrugna...

EUVD-2016-5488

Malware in sbrugna...

GHSA-82VR-5769-6358 Ethyca Fides Cryptographically Weak Generation of One-Time Codes for Identity Verification

Impact The Fides Privacy Center allows data subject users to submit privacy and consent requests to data controller users of the Fides web application. Privacy requests allow data subjects to submit a request to access all person data held by the data controller, or delete/erase it. Consent reque...

Ethyca Fides Cryptographically Weak Generation of One-Time Codes for Identity Verification

Impact The Fides Privacy Center allows data subject users to submit privacy and consent requests to data controller users of the Fides web application. Privacy requests allow data subjects to submit a request to access all person data held by the data controller, or delete/erase it. Consent reque...

CVE-2023-48224

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides Privacy Center allows data subject users to submit privacy and consent requests to data controller use...

CVE-2023-48224 Cryptographically Weak Generation of One-Time Codes for Identity Verification in ethyca-fides

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides Privacy Center allows data subject users to submit privacy and consent requests to data controller use...

CVE-2023-48224

CVE-2023-48224 affects Fides (Privacy Center) where one-time verification codes are generated using Python’s weak random module. The root cause is a cryptographically weak pseudo-random number generator, allowing an attacker who observes several hundred codes to predict future codes within the ba...

CVE-2023-48224 Cryptographically Weak Generation of One-Time Codes for Identity Verification in ethyca-fides

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides Privacy Center allows data subject users to submit privacy and consent requests to data controller use...

CVE-2023-47114

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal data. If the...

Opera Privacy Statement Update 2019

Privacy Opera Privacy Statement Update 2019 Share February 7th, 2019 This is an outdated article. Please read Opera Privacy Statement Update 2022 instead. We have recently updated our end-user license agreements and our terms of service have been updated as well. We are also about to update our...

IoT Insecurity: Top Connected Device Security Concerns

It’s a coin toss whether or not that Internet of Things device you depend on is secure. Those unacceptable 50/50 odds come from a survey by IOActive where technology professionals were asked about the security of connected devices from thermostats, security cameras to alarm systems. Those numbers...

The plant controller has a remote vulnerability and no patch-vulnerability warning-the black bar safety net

Power station use of an industrial control system has not patched the vulnerability, an attacker can remotely exploit it to gain network control. Remedy method? Turning off the function or replace the equipment. Power station use of an industrial control system has not patched the vulnerability, ...

Easily using Vulnerability CVE-2 0 1 6-4 5 0 2 ranged attack power plants-vulnerability warning-the black bar safety net

! Repair hopeless? You can only deactivate the function or replace the device! Recently,without a patch the vulnerability, CVE-2 0 1 6-4 5 0 2 be found use in industrial control systems,has now been found that power plants use industrial control system may be severely affected,contrive evil...

环境系统公司8832数据控制器远程代码执行漏洞

No description provided by source...