467 matches found
CVE-2025-36911
In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote proximal/adjacent information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation...
[SECURITY] Fedora 43 Update: gpsd-3.26.1-6.fc43
gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...
CVE-2023-40413
The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information...
CVE-2021-0518
In Wi-Fi, there is a possible leak of location-sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-176541...
CVE-2021-0400
In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privilege...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information...
CVE-2025-14442
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and including, 4.9.2. This makes it possible for...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to read sensitive location information...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information...
EUVD-2025-203147
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to read sensitive location information...
CVE-2025-43513
CVE-2025-43513 is a permissions issue in macOS that allowed an app to read sensitive location information. It is fixed by removing the vulnerable code in macOS Tahoe 26.2, macOS Sequoia 15.7.3, and macOS Sonoma 14.8.3. The issue affects the MDM Configuration Tools component; the fixes are include...
EUVD-2025-203073
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and including, 4.9.2. This makes it possible for...
CVE-2025-14442
CVE-2025-14442 affects the Secure Copy Content Protection and Content Locking WordPress plugin. Affected versions up to and including 4.9.2 store exported CSV files in a publicly accessible directory with predictable filenames, enabling unauthenticated access to sensitive user data (emails, IP ad...
PT-2025-51009
Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14.8.3 macOS versions prior to Sequoia 15.7.3 Description A flaw allowed an application to potentially access sensitive location data. The vulnerable code has been removed in updated versions. Recommendations...
PT-2025-50926
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and including, 4.9.2. This makes it possible for...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma prior to 14.8.3 and Sequoia prior to 15.7.3, which stems from a permissions issue that could result in reading sensitive...
PT-2025-50774
Name of the Vulnerable Software and Affected Versions SpaceX Starlink Dish versions 2024.12.04.mr46620 Description SpaceX Starlink Dish devices allow administrative actions via unauthenticated LAN gRPC requests, referred to as MARMALADE 2. The cross-origin policy can be bypassed by omitting a...
Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24)
This week on the Lock and Code podcast … It's often said online that if a product is free, you're the product, but what if that bargain was no longer true? What if, depending on the device you paid hard-earned money for, you still became a product yourself, to be measured, anonymized, collated,...
EUVD-2012-6192
Malware in sbrugna...