Lucene search
+L

19 matches found

NVD
NVD
added 2026/07/08 2:17 p.m.8 views

CVE-2026-56298

Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files...

5.3CVSS0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 1:49 p.m.31 views

CVE-2026-56298 Capgo - EXIF Metadata Exposure in App Information Image Upload

Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files...

5.3CVSS0.00187EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/08 1:49 p.m.5 views

EUVD-2026-42256

Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files...

5.3CVSS5.9AI score0.00187EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 1:49 p.m.11 views

CVE-2026-56298

Capgo CVE-2026-56298 affects Capgo prior to 12.128.2, where the app information image upload endpoint does not strip EXIF metadata, exposing geolocation and embedded metadata. Root cause: failure to strip EXIF during upload. Impact: potential leakage of geographic location data. Remediation: upgr...

5.3CVSS5.9AI score0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/27 1:43 a.m.40 views

CVE-2025-59868 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-25127

Malware in sbrugna...

7.5CVSS7.5AI score0.00811EPSS
Exploits0References2
Circl
Circl
added 2025/06/18 11:38 a.m.26 views

CVE-2022-50227

creationtimestamp| type| source ---|---|--- 2025-06-18 11:38:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18723 2025-06-18 15:53:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrveky3n2x2m...

5.5CVSS5.6AI score0.00166EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:30 a.m.7 views

CVE-2022-48495

Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...

5.3CVSS6.5AI score0.003EPSS
Exploits0References1
Circl
Circl
added 2025/04/30 11:13 a.m.16 views

CVE-2025-4110

creationtimestamp| type| source ---|---|--- 2025-04-30 11:13:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14007 2025-04-30 13:55:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnzx4j7hll24 2025-04-30 14:34:07+00:00| seen|...

8.8CVSS6.2AI score0.0036EPSS
Exploits1References3
Circl
Circl
added 2025/01/05 11:48 p.m.12 views

CVE-2021-44967

creationtimestamp| type| source ---|---|--- 2025-01-05 23:48:22+00:00| seen| https://bsky.app/profile/gothburz.bsky.social/post/3lezsmtrtgf2c 2025-01-06 10:54:26+00:00| published-proof-of-concept| https://t.me/ckeArsenal/310 2025-01-06 13:23:51+00:00| seen| https://t.me/ZeroDayru/370 2025-01-06...

9CVSS7.6AI score0.13395EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.7 views

PT-2024-18768 · Unknown · Cocktailbarservice

Name of the Vulnerable Software and Affected Versions: CocktailBarService versions prior to SMR May-2024 Release 1 Description: The issue is related to an improper access control vulnerability in the setCocktailHostCallbacks function of CocktailBarService. This vulnerability allows local attacker...

5.5CVSS6.7AI score0.00152EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/06/19 5:15 p.m.4 views

CVE-2022-48495

Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...

5.3CVSS5.6AI score0.003EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2023/06/19 5:15 p.m.6 views

CVE-2022-48495

Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...

5.3CVSS5.8AI score0.003EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/19 12:0 a.m.8 views

CVE-2022-48495

Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...

6.5AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/19 12:0 a.m.6 views

PT-2023-15825 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns unauthorized access to foreground app information. Successful exploitation may result in the obtainment of foreground app information. Recommendations: At the...

5.3CVSS5.1AI score0.003EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/13 4:28 p.m.6 views

CVE-2023-24804 ownCloud Android app vulnerable to Path Traversal

The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal...

5CVSS5.3AI score0.00524EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/04/11 8:15 p.m.2 views

CVE-2022-27575

Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission...

4.3CVSS5.9AI score0.00249EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.8 views

Samsung One UI Home 安全漏洞

Samsung SMR is a system patch package from South Korea's Samsung Samsung. Samsung SMR contains an information disclosure vulnerability that could be exploited by an attacker to gain unauthorized access to information about the currently launched foreground application...

4.3CVSS5.6AI score0.00249EPSS
Exploits0References2
OSV
OSV
added 2022/01/10 2:12 p.m.5 views

CVE-2022-22267

Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information...

3.3CVSS5.8AI score0.00102EPSS
Exploits0References1
Rows per page
Query Builder