CVE-2025-12408

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 7.2.2.2 via the 'getlocation' action due to insufficient restrictions on which locations can be included. This makes it possible for...

EUVD-2016-7536

Malware in sbrugna...

EUVD-2024-52591

Malicious code in bioql PyPI...

EUVD-2023-24905

Malicious code in bioql PyPI...

CVE-2025-32347

In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2023-21469

Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action...

ASB-A-388528350

In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2023-20726

In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 For MT6880, MT6890, MT6980,...

CVE-2023-36862

CVE-2023-36862 describes a downgrade issue in Intel-based macOS where an app could determine a user’s current location. In the connected CNVD entry, the vulnerability is framed as an Apple macOS Ventura information-disclosure flaw that could reveal location, aligning with the NVD description. The...

Nude Videos of Kids From Hacked Baby Monitors Were Sold on Telegram

Plus: A fitness app may have leaked the location of a murdered submarine captain, the privacy risks of filing taxes online, and how Facebook data was used in an abortion trial...

CVE-2023-20726

In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 For MT6880, MT6890, MT6980,...

CVE-2023-20726

The CVE-2023-20726 entry describes a GPS location information disclosure in the MediaTek mnld module caused by a missing permission check. Impact is local information disclosure with no privileges or user interaction required (CVSS v3.1 base score 3.3, LOW). Affected component: mnld in MediaTek S...

PT-2022-14462 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-12L Description: In the sOpAllowSystemRestrictionBypass function of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local...

CVE-2022-29945

DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol...