Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/06/17 1:55 p.m.11 views

Pi Agent: Pi loads project-local extensions without approval

Pi loads project-local extensions without approval Pi before 0.79.0 loaded project-local configuration and resources from a repository's .pi directory without first asking the user to trust that repository. This included project-local extensions, which are executable TypeScript or JavaScript...

4.4CVSS5.6AI score0.00118EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.5 views

Shenzhen Fujia Technology OurPhoto 安全漏洞

Shenzhen Fujia Technology OurPhoto is a cloud photo frame software from Shenzhen Fujia Technology, China. It allows you to share photos and video files directly on your cell phone. A security vulnerability exists in Shenzhen Fujia Technology OurPhoto version 1.4.1, which stems from the fact that...

7.5CVSS7.4AI score0.00672EPSS
Exploits1References3
OSV
OSV
added 2022/03/16 3:15 p.m.5 views

CVE-2021-39702

In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

7.8CVSS5.9AI score0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2009/06/19 12:0 a.m.5 views

PT-2009-3543 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 Description: The issue allows remote attackers to potentially force the iPhone to place a call without user approval. This occurs when the Ma...

5CVSS6.4AI score0.06384EPSS
Exploits0References10
Rows per page
Query Builder