29 matches found
CVE-2018-14990
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
CVE-2010-0384
Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log...
EUVD-2021-0724
Malware in sbrugna...
EUVD-2018-6865
Malware in sbrugna...
EUVD-2019-6352
Malware in sbrugna...
EUVD-2016-9355
Malware in sbrugna...
EUVD-2019-6389
Malware in sbrugna...
EUVD-2025-3978
Malicious code in bioql PyPI...
CVE-2024-40594
The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores conversations in cleartext in a location accessible to other apps...
CVE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
CVE-2021-41329
Datalust Seq before 2021.2.6259 allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when...
CVE-2020-8506
The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics...
CVE-2019-15341
The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
CVE-2025-24315
Unauthenticated attackers can add devices of other users to their scenes or arbitrary scenes of other arbitrary users...
CVE-2025-29868 Apache Answer: Using externally referenced images can leak user privacy.
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-2201
Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more...
GHSA-H6W8-27PH-C385 Leantime has Insufficiently Protected Credentials
Due to improper cache control an attacker can view sensitive information even if they are not logged into the account anymore. Additional Information: 1.The issue was identified during routine security testing. 2.This vulnerability poses a significant risk to user privacy and data security...
CVE-2024-13740
CVE-2024-13740 affects ProfileGrid – User Profiles, Groups and Communities (ProfileGrid) for WordPress. Root cause: Insecure Direct Object Reference via pm_messenger_show_messages with missing validation on a user-controlled key. Impact: authenticated users with Subscriber+ access can read privat...
CVE-2024-12993 Location information exposure in Infinix Weather app
Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...
CVE-2024-55946 Playloom Engine Data Storage Vulnerability
Playloom Engine is an open-source, high-performance game development engine. Engine Beta v0.0.1 has a security vulnerability related to data storage, specifically when using the collaboration features. When collaborating with another user, they may have access to personal information you have...