15 matches found
EUVD-2025-21904
Malicious code in bioql PyPI...
EUVD-2025-21905
Malicious code in bioql PyPI...
CVE-2025-45156
Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users...
CVE-2025-45157
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users...
CVE-2025-45157
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users...
CVE-2025-45157
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users...
CVE-2025-45156
Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users...
Splashin iOS 安全漏洞
Splashin iOS is an iOS application from Splashin, Inc. A security vulnerability exists in Splashin iOS version v2.0, which stems from improperly set permissions and could lead to location data leakage...
Splashin iOS 安全漏洞
Splashin iOS is an iOS application by Splashin, Inc. A security vulnerability exists in Splashin iOS version v2.0, which stems from not enforcing server-side interval limits and could lead to location data disclosure...
CVE-2025-45156
Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users...
CVE-2025-45157
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users...
PT-2025-30063 · Splashin · Splashin
Name of the Vulnerable Software and Affected Versions: Splashin iOS version 2.0 Description: The Splashin iOS application version 2.0 does not enforce server-side interval restrictions for location updates for free-tier users. Recommendations: Update to a newer version that contains a fix for thi...
CVE-2025-45157
Summary: CVE-2025-45157 affects Splashin iOS v2.0, where insecure permissions could allow unauthorized access to users’ location data. The publicly documented impact is “location data leakage” with a CVSS v3.1 base score of 6.5 (Medium). Reported information consistently states the issue but prov...
CVE-2025-45156
Splashin iOS v2.0 is affected by a vulnerability where the application does not enforce server-side interval restrictions for location updates for free-tier users. The root cause is the lack of enforcement of update intervals on the server side, as described in PT-2025-30063. The impact is the po...
PT-2025-30064 · Splashin · Splashin
Name of the Vulnerable Software and Affected Versions: Splashin iOS version 2.0 Description: Insecure permissions allow unauthorized attackers to access location data for specific users. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...