Lucene search
K

5 matches found

CVE
CVE
added 2026/06/24 11:53 a.m.8 views

CVE-2026-56302

Capgo before 12.128.2 uses an unsecured Supabase images bucket with no row-level security, allowing unauthenticated read, insert, and delete operations on stored app icons. This misconfiguration enables attackers to delete all icons and leak sensitive app IDs and user IDs. The connected documents...

6.9CVSS5.9AI score0.00208EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/06/30 12:0 a.m.8 views

The vulnerability of the EMUI operating system of HarmonyOS, related to bypassing authentication through spoofing, allows attackers to hide application icons on the desktop in order to prevent their deletion.

The vulnerability of the EMUI operating system of HarmonyOS relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability allows a malicious actor to conceal application icons on the desktop, thereby preventing their deletion...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/30 12:0 a.m.8 views

The vulnerability of the EMUI operating system of HarmonyOS, related to bypassing authentication through spoofing, allows attackers to hide application icons on the desktop in order to prevent their deletion.

The vulnerability of the EMUI operating system of HarmonyOS relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability allows a malicious actor to conceal application icons on the desktop, thereby preventing their deletion...

5.3CVSS5.9AI score0.00278EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2022/03/21 12:0 a.m.9 views

WordPress Easy Social Icons plugin <= 3.2.0 - Unauthenticated Arbitrary Icon Deletion vulnerability

Unauthenticated Arbitrary Icon Deletion vulnerability discovered by Jan w Oleju in WordPress Easy Social Icons versions plugin = 3.2.0. Solution Update the WordPress Easy Social Icons plugin to the latest available version at least 3.2.1...

4AI score
Exploits0References2Affected Software1
wpexploit
wpexploit
added 2022/03/21 12:0 a.m.111 views

Easy Social Icons < 3.2.1 - Unauthenticated Arbitrary Icon Deletion

The plugin does not have authorisation and CSRF checks when deleting icons, allowing unauthenticated user to delete arbitrary icons https://example.com/?cnss-delete=&id=1...

3.4AI score
Exploits0
Rows per page
Query Builder