411 matches found
View Concept Kidsview 安全漏洞
Kidsview is a management and parent-teacher communication platform for kindergartens and childcare institutions developed by the Polish company View Concept. A security vulnerability exists in versions of the Kidsview mobile application prior to version 4.4.3. This vulnerability stems from an,...
EUVD-2026-29381
"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server...
CVE-2026-41872
"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server...
CVE-2026-41872
CVE-2026-41872 affects the “Kura Sushi Official App” from EPG, Inc. via improper certificate validation, enabling a network-based MITM on the push-notification channel. This could allow eavesdropping or alteration of push messages between the app and its server. The CVSS data indicate HIGH impact...
CVE-2026-41872
"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server...
CVE-2026-41872
"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server...
PT-2026-39937
"Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server...
"Kura Sushi Official App" vulnerable to improper certificate validation
Overview "Kura Sushi Official App" provided by EPG, Inc. contains the following vulnerability. Improper certificate validation on push notifications CWE-295 - CVE-2026-41872 This analysis assumes a man-in-the-middle attack being conducted with a malicious wireless LAN access point Tsuyoshi Ogawa ...
WordPress plugin OneSignal – Web Push Notifications 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-32160
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-32158
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-32159
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-26172
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-26167
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-22547
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-22549
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-22546
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-22396
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
EUVD-2026-22406
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...
CVE-2026-32159
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...