Lucene search
K

467 matches found

NVD
NVD
added 2026/04/13 6:16 a.m.8 views

CVE-2026-21014

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability...

5.1CVSS0.00085EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/13 5:4 a.m.5 views

CVE-2026-21014

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability...

5.1CVSS5.8AI score0.00085EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/13 5:4 a.m.6 views

EUVD-2026-21872

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability...

5.1CVSS5.8AI score0.00085EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/13 5:4 a.m.7 views

CVE-2026-21014

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability...

5.1CVSS5.8AI score0.00085EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/13 5:4 a.m.28 views

CVE-2026-21014

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability...

5.1CVSS0.00085EPSS
Exploits0References1
CVE
CVE
added 2026/04/13 5:4 a.m.17 views

CVE-2026-21014

The CVE affects Samsung Camera prior to version 16.5.00.28, where improper access control allows a local attacker to access the device geolocation data. Exploitation requires user interaction, and the impact is confined to confidentiality of location data. Remediation is to update Samsung Camera ...

5.1CVSS5.8AI score0.00085EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.16 views

PT-2026-32272

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability...

5.1CVSS5.8AI score0.00085EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

SAMSUNG Camera 安全漏洞

Samsung Camera is a camera application developed by South Korea’s Samsung Corporation. Versions of Samsung Camera prior to 16.5.00.28 contained a security vulnerability caused by improper access control, which could allow local attackers to access location data...

5.1CVSS5.8AI score0.00085EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/04/11 6:2 a.m.11 views

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/26 7:3 p.m.4 views

CVE-2026-29055 Tandoor Recipes: WebP and GIF Image Uploads Bypass EXIF/Metadata Stripping, Leaking GPS Coordinates and PII

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...

5.3CVSS5.9AI score0.00306EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2026/03/12 12:0 a.m.212 views

📄 Alipay Open Redirect / API Attacker Payload Insertion

A single crafted URL enables a complete attack chain against Alipay mobile application users that can allow for data exfiltration. As the vendor has stated this is normal behavior with no apparent plans to address the problem, this is being published to make users aware. Alipay Mobile App -...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/13 1:30 a.m.6 views

CVE-2026-20646

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information...

3.3CVSS5.4AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 11:16 p.m.17 views

CVE-2026-20646

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information...

3.3CVSS0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 11:16 p.m.5 views

CVE-2026-20646

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information...

3.3CVSS5.8AI score0.00122EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 10:58 p.m.5 views

CVE-2026-20646

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information...

5.4AI score0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 10:58 p.m.27 views

CVE-2026-20646

Summary (CVE-2026-20646) : A logging issue in macOS Tahoe 26.3 allowed reading of sensitive location information due to insufficient data redaction. Multiple sources (Apple advisory references and national/cross-vendor advisories) corroborate that the issue is fixed in macOS Tahoe 26.3. The vulne...

3.3CVSS5.4AI score0.00122EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.7 views

CVE-2026-20646

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information...

3.3CVSS5.4AI score0.00122EPSS
Exploits0References2
Schneier on Security
Schneier on Security
added 2026/01/27 12:1 p.m.5 views

The Constitutionality of Geofence Warrants

The US Supreme Court is considering the constitutionality of geofence warrants. The case centers on the trial of Okello Chatrie, a Virginia man who pleaded guilty to a 2019 robbery outside of Richmond and was sentenced to almost 12 years in prison for stealing $195,000 at gunpoint. Police probing...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/01/20 1:38 a.m.7 views

[SECURITY] Fedora 42 Update: gpsd-3.25-17.fc42

gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...

9.8CVSS5.9AI score0.00674EPSS
Exploits3
NVD
NVD
added 2026/01/15 6:16 p.m.6 views

CVE-2025-36911

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote proximal/adjacent information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation...

7.1CVSS0.06942EPSS
Exploits14References2
Rows per page
Query Builder