16 matches found
CVE-1999-0608
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information...
Apple macOS Tahoe Sandboxing Insufficient Restrictions Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from an Insufficient Sandbox Restrictions vulnerability, which stems from an insufficient...
Apple macOS Tahoe 安全漏洞
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from an Insufficient Sandbox Restrictions vulnerability, which stems from an insufficient...
LibreChat 安全漏洞
LibreChat is an enhanced ChatGPT clone by Danny Avila Personal Developer. A security vulnerability exists in LibreChat 0.8.0 and prior versions, which stems from the iconURL parameter can be modified, potentially leading to a stored cross-site scripting attack and privacy disclosure...
AdForest – Classified Android App 安全漏洞
AdForest - Classified Android App is a classified information system application by the individual developer Muhammad Jawad Arshad. A security vulnerability exists in AdForest - Classified Android App version 4.0.12, which stems from improper access control in the authentication mechanism, which...
Apple iOS 和 iPadOS 安全漏洞
iPhone OS is the operating system developed by Apple for the iPhone and iPod touch. iPadOS is Apple's mobile operating system for iPad devices, which is based on iOS and optimized for iPad. A privacy disclosure vulnerability exists in Apple iPhone OS and iPadOS, which stems from the fact that use...
amtrevision.dk Cross Site Scripting vulnerability OBB-3495955
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-37096
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to user privacy disclosed...
Input validation
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to user privacy disclosed...
CVE-2021-37096
CVE-2021-37096 relates to Huawei HarmonyOS and is described in connected sources as an Improper Input Validation vulnerability that could allow an attacker to disclose user privacy. The NVD entry provides CVSS v3.1 base score 7.5 (HIGH) with NETWORK impact, no privileges required, no user interac...
BTCPay Server 安全漏洞
BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. An information disclosure vulnerability exists in BTCPay Server versions prior to 1.0.6.0 that stems from a privacy vulnerability when using the payment button. No details of t...
CVE-2016-11066
Summary: CVE-2016-11066 affects Mattermost Server prior to 3.2.0. Vulnerability details (supported by connected docs): The initial_load API exposes unnecessary personal information. This is the stated root cause across multiple advisories (Mattermost server before 3.2.0). Impact (as described): P...
Firefox Bug Opens iPhone AirPods to Third-Party Snooping
Five high-severity bugs were fixed in the Firefox web browser with the release of version 74 by the Mozilla Foundation on Tuesday. In addition, Mozilla reported a quirky moderate-severity flaw that allows hackers to target iPhone users and collect data tied to connected AirPods, if in use. In...
Security Vulnerabilities fixed in Firefox 74 — Mozilla
When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during scrip...
CVE-2019-9286
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111213909...
Chaturbate: Password protected rooms total number of viewers disclosure to unauthorized members
Summary Password protected rooms are supposed to be completely private, no information should be exposed if you do not have the room's password, and the UI looks like this. F348826 However, through the following endpoint, It is possible to know the total number of viewers of the room even if it i...