19 matches found
CVE-2026-56298
Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files...
CVE-2026-56298 Capgo - EXIF Metadata Exposure in App Information Image Upload
Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files...
EUVD-2026-42256
Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files...
CVE-2026-56298
Capgo CVE-2026-56298 affects Capgo prior to 12.128.2, where the app information image upload endpoint does not strip EXIF metadata, exposing geolocation and embedded metadata. Root cause: failure to strip EXIF during upload. Impact: potential leakage of geographic location data. Remediation: upgr...
CVE-2025-59868 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure
HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...
EUVD-2021-25127
Malware in sbrugna...
CVE-2022-50227
creationtimestamp| type| source ---|---|--- 2025-06-18 11:38:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18723 2025-06-18 15:53:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrveky3n2x2m...
CVE-2022-48495
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...
CVE-2025-4110
creationtimestamp| type| source ---|---|--- 2025-04-30 11:13:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14007 2025-04-30 13:55:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnzx4j7hll24 2025-04-30 14:34:07+00:00| seen|...
CVE-2021-44967
creationtimestamp| type| source ---|---|--- 2025-01-05 23:48:22+00:00| seen| https://bsky.app/profile/gothburz.bsky.social/post/3lezsmtrtgf2c 2025-01-06 10:54:26+00:00| published-proof-of-concept| https://t.me/ckeArsenal/310 2025-01-06 13:23:51+00:00| seen| https://t.me/ZeroDayru/370 2025-01-06...
PT-2024-18768 · Unknown · Cocktailbarservice
Name of the Vulnerable Software and Affected Versions: CocktailBarService versions prior to SMR May-2024 Release 1 Description: The issue is related to an improper access control vulnerability in the setCocktailHostCallbacks function of CocktailBarService. This vulnerability allows local attacker...
CVE-2022-48495
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...
CVE-2022-48495
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...
CVE-2022-48495
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained...
PT-2023-15825 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns unauthorized access to foreground app information. Successful exploitation may result in the obtainment of foreground app information. Recommendations: At the...
CVE-2023-24804 ownCloud Android app vulnerable to Path Traversal
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal...
CVE-2022-27575
Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission...
Samsung One UI Home 安全漏洞
Samsung SMR is a system patch package from South Korea's Samsung Samsung. Samsung SMR contains an information disclosure vulnerability that could be exploited by an attacker to gain unauthorized access to information about the currently launched foreground application...
CVE-2022-22267
Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information...