10 matches found
EUVD-2026-38236
Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on...
EUVD-2021-20514
Malware in sbrugna...
CVE-2024-39891
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and...
CVE-2024-39891
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and...
CVE-2024-39891
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and...
CVE-2024-39891
CVE-2024-39891 describes a information-disclosure bug in the Twilio Authy API: an unauthenticated endpoint accepts a stream of phone numbers and returns whether each is registered with Authy. Affected software is Twilio Authy on Android before 25.1.0 and iOS before 26.1.0. The vulnerability was e...
Twilio Authy API Security Vulnerability
Twilio Authy API is an authorization interface from Twilio, Inc. It is used to build two-factor authentication, passwordless login and secure authorization for developers. A security vulnerability exists in Twilio Authy API for Android versions prior to 25.1.0, Twilio Authy API for iOS versions...
CVE-2024-39891
In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing phone numbers, and...
PT-2024-5376 · Twilio · Twilio Authy Android +2
Name of the Vulnerable Software and Affected Versions: Twilio Authy Android versions prior to 25.1.0 Twilio Authy iOS versions prior to 26.1.0 Description: The issue concerns an unauthenticated endpoint in the Twilio Authy API that provided access to certain phone-number data. This endpoint...
CVE-2021-33840
The server in Luca through 1.1.14 allows remote attackers to cause a denial of service insertion of many fake records related to COVID-19 because Phone Number data lacks a digital signature...