25 matches found
EUVD-2015-8558
Malware in sbrugna...
EUVD-2015-8192
Malware in sbrugna...
CVE-2024-8011
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...
CVE-2024-8011
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera...
SUSE CVE-2023-28161
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, suc...
SUSE CVE-2013-1698
The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...
SUSE CVE-2019-11748
WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the...
Mozilla Firefox 安全漏洞
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla Firefox prior to version 104,...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
The Mozilla Foundation Security Advisory describes this flaw as: The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's...
UBUNTU-CVE-2020-6812
The first time AirPods are connected to an iPhone, they become named after the user's name by default e.g. Jane Doe's AirPods. Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that...
QIWI: [QIWI Wallet] Access to protected app components
Здравствуйте, я хочу сообщить об обнаруженной уязвимости в классе ru.mw.main.Main Информация о приложении Приложение: QIWI Кошелек Имя пакета: ru.mw Номер версии: 3.25.0 Код версии: 21346 Актуальность версии: Последняя Уязвимый класс: ru.mw.main.Main Уязвимость Поскольку активность ru.mw.Main...
Elevation of Privilege Vulnerability in Multiple Huawei Phones (CNVD-2016-11305)
Huawei Mate 8, Mate S, P8 are smartphones from Huawei. A security vulnerability in the form of missing parameter checking exists in several Huawei phones. The vulnerability is exploited on the premise that an attacker obtains Graphic or Camera permissions and induces the user to install a malicio...
CVE-2015-8304
Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission...
CVE-2015-8304
Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission...
CVE-2015-8681
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01...
CVE-2015-8225
The Joint Photographic Experts Group Processing Unit JPU driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service crash via a crafted application wi...
Design/Logic Flaw
The Joint Photographic Experts Group Processing Unit JPU driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service crash via a crafted application wi...