PT-2026-47803

Name of the Vulnerable Software and Affected Versions Zoom Workplace versions prior to 7.0.4 for Android Zoom Workplace versions prior to 7.0.3 for iOS Description Improper authorization in the handler for custom URL schemes allows an unauthenticated user to perform an escalation of privilege via...

Apache Cordova Plugin InAppBrowser 输入验证错误漏洞

Apache Cordova Plugin InAppBrowser is an embedded browser plugin developed by the Apache Foundation. Versions 3.1.0 to 6.0.0 of Apache Cordova Plugin InAppBrowser contain a vulnerability related to input validation errors. This vulnerability stems from insufficient format validation of the id fie...

KLA91010 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Canvas can be exploited remotely to execute arbitrar...

CVE-2019-25339

CVE-2019-25339 affects GHIA CamIP 1.2 for iOS. The vulnerability is a denial-of-service in the password input field where pasting a 33-character buffer of repeated characters can crash the application on iOS devices. The provided metrics indicate a high severity under CVSS 3.1/4.0 with local/NETW...

PT-2026-5837

Name of the Vulnerable Software and Affected Versions Easy Transfer Wifi Transfer versions 1.7 for iOS Description A persistent cross-site scripting issue exists in Easy Transfer Wifi Transfer version 1.7 for iOS. Remote attackers can inject malicious scripts by manipulating the oldPath, newPath,...

CVE-2023-49060

An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the referrerpolicy attribute. This vulnerability affects Firefox for iOS 120...

CVE-2018-4356

A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12...

CVE-2018-4365

An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12.1...

CVE-2018-4446

This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1...

CVE-2018-4329

Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12...

CVE-2018-4464

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9...

CVE-2018-4307

A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12...

CVE-2018-4361

A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

CVE-2018-4366

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1...

CVE-2018-4322

This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12...

CVE-2018-4344

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

CVE-2018-4379

A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1...

CVE-2021-33595

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address...

CVE-2021-33593

Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing...

CVE-2021-22912

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user...