Synopsis: Secure and Private Trend Inference from Encrypted Semantic Embeddings

WhatsApp and many other commonly used communication platforms guarantee end-to-end encryption E2EE, which requires that service providers lack the cryptographic keys to read communications on their own platforms. WhatsApp's privacy-preserving design makes it difficult to study important phenomena...

CVE-2024-41713

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the...

CVE-2024-51518

Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2024-50336

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...

CVE-2024-20118

In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621...

CVE-2023-30920

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-28208

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM...

CVE-2023-44129

The vulnerability is that the Messaging "com.android.mms" app patched by LG forwards attacker-controlled intents back to the attacker in the exported "com.android.mms.ui.QClipIntentReceiverActivity" activity. The attacker can abuse this functionality by launching this activity and then sending a...

CVE-2023-30919

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-41628

An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service DoS by incorrectly initiating the messaging procedure between the E2Node and E2Term components...

CVE-2023-40646

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-40642

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider...

CVE-2023-30923

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-30922

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-30921

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-30924

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-21391

In Messaging, there is a possible way to disable the messaging application due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-20655

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07203022; Issue ID: ALPS07203022...

CVE-2023-27447

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in VeronaLabs WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc.This issue affects WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc: from n/a through 6.0.4...