7 matches found
EUVD-2026-10172
Parse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adapters...
A week in security (May 1 - 7)
Last week on Malwarebytes Labs: How to protect your small business from social engineering Microsoft: You're already using the last version of Windows 10 Is it OK to train an AI on your images, without permission? Upcoming webinar: Is EDR or MDR better for your business? Google Authenticator WILL...
CVE-2021-31815
GAEN aka Google/Apple Exposure Notifications through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and sometimes COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to t...
Design/Logic Flaw
GAEN aka Google/Apple Exposure Notifications through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and sometimes COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to t...
CVE-2020-24722
An issue was discovered in the GAEN aka Google/Apple Exposure Notifications protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause...
CVE-2020-24721
An issue was discovered in the GAEN aka Google/Apple Exposure Notifications protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, because of the...
CVE-2020-24721
An issue was discovered in the GAEN aka Google/Apple Exposure Notifications protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, because of the...