CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

Feature and Permission Policies. Security issues

Introduction In order to help enhance the user experience of their site, companies may ask to use features of your browser, such as geolocation or notifications to produce a more tailored experience. Web site developers may configure the site or allow third-party content, loaded in frames, to use...

Military, Nuclear Entities Under Target By Novel Android Malware

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat APT group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call “Hornbill” and “SunBird,” have sophisticated...

Creepy - A Geolocation OSINT Tool. Offers Geolocation Information Gathering Through Social Networking Platforms

This project is currently not maintained. I haven't put any work on it since 2016 and with the current state of the API access to instagram and twitter, and the default settings for their geolocation features cree.py wouldn't be of much use. I will live the repository and site up for the time but...

Mozilla Firefox Access Control Error Vulnerability (CNVD-2021-07541)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 85.0. The vulnerability stems from the fact that when sharing a geolocation during a valid WebRTC share, Firefox may reset the...

Remote Code Execution (RCE)

firefox is vulnerable to Remote Code Execution. When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission...

Mozilla Firefox < 85.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in...

Mozilla Firefox < 85.0

The version of Firefox installed on the remote Windows host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in Firefox 84...

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 85.0. The vulnerability stems from the fact that when sharing a geolocation during a valid WebRTC share, Firefox may reset the...

UBUNTU-CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

Exif-Gps-Tracer - A Python Script Which Allows You To Parse GeoLocation Data From Your Image Files Stored In A dataset

A python script which allows you to parse GeoLocation data from your Image files stored in a dataset.It also produces output in CSV file and also in HTML Google Maps Prerequisite To run this script fluently , 1 You should have Google Maps API 2 You should enable Map JavaScript API in Console To g...

CVE-2020-29069

getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network MHN through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string...

CVE-2020-29069

getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network MHN through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string...

Code injection

getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network MHN through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string...

Modern Honey Network (MHN) Denial of Service Vulnerability

Modern Honey Network MHN is a central server for honeypot management and data collection. Modern Honey Network MHN A denial of service vulnerability exists in getflagiplocaldb in server/mhn/ui/utils.py on 2020-11-23 and earlier versions, which can be exploited by an attacker to cause a denial of...

CVE-2020-29069

getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network MHN through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string...

CVE-2020-29069

CVE-2020-29069 affects Modern Honey Network (MHN): the function _get_flag_ip_localdb in server/mhn/ui/utils.py can cause a denial of service when an IP address not present in the local geolocation DB returns a non-string value that is uppercased. This issue exists in MHN builds through 2020-11-23...

Pwnlandia Modern Honey Network 安全漏洞

Modern Honey Network MHN is a central server for honeypot management and data collection. Modern Honey Network MHN A denial of service vulnerability exists in getflagiplocaldb in server/mhn/ui/utils.py on 2020-11-23 and earlier versions, which can be exploited by an attacker to cause a denial of...

Puncsky Touchbase.ai Information Disclosure Vulnerability

Puncsky Touchbase.ai is a web platform for interpersonal relationships by Puncsky Individual Developers. A security vulnerability exists in versions prior to touchbase.ai 2.0, which stems from a failure to strip exif data from an image, thus leaking information. Anyone with access to an image...