CVE-2023-52546

CVE-2023-52546 concerns Huawei HarmonyOS/EMUI Calendar app where package name verification can be bypassed. Root cause described across connected sources as an authentication bypass in the Calendar component, enabling potential confidentiality impact. CVSS metrics (NETWORK, HIGH impact to confide...

CVE-2023-52544

CVE-2023-52544 is a file path verification bypass in Huawei HarmonyOS/EMUI email module. The root cause is improper file path handling within the email component, leading to potential confidentiality impact. CVSSv3.1 metrics indicate a low-severity, network-scope issue with low privileges and no ...

GHSA-5MMW-P5QV-W3X5 Always incorrect control flow in github.com/mojocn/base64Captcha

When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct...

Always incorrect control flow in github.com/mojocn/base64Captcha

When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct...

iu.myschooling.net Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1149240 Security Researcher DakkarKey Helped patch 407 vulnerabilities Received 6 Coordinated Disclosure badges Received 14 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting iu.myschooling.net websit...