17 matches found
PT-2026-48979
Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description An issue exists in the GroupPostSerializer where the predicate for the :name attribute was incorrectly declared as include user lo...
EUVD-2011-4239
Malware in sbrugna...
EUVD-2025-27526
Malicious code in bioql PyPI...
EUVD-2021-32634
Malicious code in bioql PyPI...
EUVD-2023-3003
Malicious code in bioql PyPI...
PT-2023-29463 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue arises from the improper validation of the "Show Full Name" option in certain endpoints within Mattermost Boards. This allows a member to obtain the full name of another user,...
SUSE CVE-2017-7847
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...
CVE-2020-6812
The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that...
DEBIAN-CVE-2020-6812
The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
ClipSoft REXPERT Information Disclosure Vulnerability
ClipSoft REXPERT is a report generation program from ClipSoft Korea. An information disclosure vulnerability exists in ClipSoft REXPERT. An attacker can exploit the vulnerability to disclose a user's name via the session file path of HTTP response data...
UBUNTU-CVE-2017-7847
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...
opera -- multiple vulnerabilities in Java implementation
Marc Schoenefeld reports: Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain unacceptable privileges. This allows them to be used for information gathering spying of local identity information and system configurations as well as causing annoying crash...
3COM Wireless router (3CRADSL72) information disclosure
The router gives you a web page with user name, password, primary and secondary DNS, default gateway, etc, if you access http://routerIP/appsta.stm without athentification of any kind. Router details: Runtime Code Version 1.05 Jan 27 2004 14:58:25 Boot Code Version V1.3d Hardware Version 01A ADSL...
CVE-2002-1325
Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...