11 matches found
EUVD-2023-53843
Malicious code in bioql PyPI...
EUVD-2025-8084
Malicious code in bioql PyPI...
CVE-2025-30741
Pixelfed before 0.12.5 allows anyone to follow private accounts and see private posts on other Fediverse servers. This affects users elsewhere in the Fediverse, if they otherwise have any followers from a Pixelfed instance...
Pixelfed 安全漏洞
Pixelfed is a free and ethical photo sharing platform from the individual developers of Pixelfed. A security vulnerability exists in versions of Pixelfed prior to 0.12.5 that stems from the fact that anyone can follow private accounts on other Fediverse servers and view private posts...
CVE-2025-30741
Pixelfed before 0.12.5 allows anyone to follow private accounts and see private posts on other Fediverse servers. This affects users elsewhere in the Fediverse, if they otherwise have any followers from a Pixelfed instance...
CVE-2025-30741
Pixelfed before 0.12.5 allows anyone to follow private accounts and see private posts on other Fediverse servers. This affects users elsewhere in the Fediverse, if they otherwise have any followers from a Pixelfed instance...
CVE-2025-30741
Pixelfed before 0.12.5 allows anyone to follow private accounts and see private posts on other Fediverse servers. This affects users elsewhere in the Fediverse, if they otherwise have any followers from a Pixelfed instance...
TikTok: Unauthorized Access to Private Video Description via Translation API for Private Accounts
A vulnerability was discovered in the TikTok translation API endpoint that could have allowed unauthorized access to video descriptions contained in private accounts...
CVE-2023-49948
Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL...
PT-2023-31419 · Forgejo · Forgejo
Name of the Vulnerable Software and Affected Versions: Forgejo versions prior to 1.20.5-1 Description: The issue allows remote attackers to test for the existence of private user accounts by appending .rss or another extension to a URL. Recommendations: For versions prior to 1.20.5-1, update to...
Instagram Bug Allowed Anyone to View Private Accounts Without Following Them
Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow them. "This bug could have allowed a malicious user to view targeted media on Instagram," security researcher Mayur Fartade said in a Medium post today. "An...