Lucene search
K

61 matches found

NVD
NVD
added 2026/06/16 8:16 p.m.10 views

CVE-2026-0158

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.0006EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/17 7:19 p.m.2 views

CVE-2026-35061

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

5.3CVSS5.7AI score0.003EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-32036

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...

3.7CVSS5.8AI score0.00235EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/25 6:46 p.m.20 views

CVE-2026-25929 OpenEMR Patient Picture Context Allows Arbitrary Patient Photo Retrieval

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s patientpicture context serves the patient’s photo by document ID or patient ID without verifying that the current user is authorized to access...

6.5CVSS0.0026EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 6:46 p.m.18 views

CVE-2026-25929

OpenEMR prior to 8.0.0 is vulnerable in the document controller’s patient_picture context: an authenticated user with document ACL can supply another patient’s ID to retrieve that patient’s photo without proper authorization. Impact is restricted to disclosure of patient photos (confidentiality),...

6.5CVSS5.5AI score0.0026EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/25 6:46 p.m.4 views

CVE-2026-25929

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s patientpicture context serves the patient’s photo by document ID or patient ID without verifying that the current user is authorized to access...

6.5CVSS5.8AI score0.0026EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.3 views

CVE-2026-20642

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen...

2.4CVSS5.3AI score0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 10:58 p.m.3 views

CVE-2026-20642

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen...

5.4AI score0.00137EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/01/21 3:7 a.m.10 views

Nextcloud: IDOR on ██████ via direct photo URL leads to unauthorized access to deleted and other users' photos

Summary: An Insecure Direct Object Reference IDOR vulnerability exists in the application that allows unauthorized access to photos belonging to other users. The application does not properly validate whether the logged-in user is authorized to access a photo when accessing it via direct URL. Thi...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.8 views

CVE-2023-40438

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14, iOS 16.7 and iPadOS 16.7. An app may be able to access edited photos saved to a temporary directory...

5.5CVSS5.4AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:56 a.m.5 views

CVE-2018-4387

A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1...

2.4CVSS5.3AI score0.00323EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-16173

Malware in sbrugna...

2.4CVSS5.7AI score0.00323EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0837

Malware in sbrugna...

7.5CVSS6.4AI score0.02243EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2015-5869

Malware in sbrugna...

2.1CVSS6.3AI score0.00323EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15773

Malware in sbrugna...

5.5CVSS4.7AI score0.00376EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-15772

Malware in sbrugna...

5.5CVSS4.7AI score0.00428EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-31253

Malicious code in bioql PyPI...

2.4CVSS4.4AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-49506

Malicious code in bioql PyPI...

2.4CVSS4.2AI score0.00258EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-45091

Malicious code in bioql PyPI...

3.3CVSS4.4AI score0.00285EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-8907

Malicious code in bioql PyPI...

2.4CVSS6.4AI score0.00254EPSS
Exploits0References2
Rows per page
Query Builder