6 matches found
EUVD-2026-41266
The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.14 via the 'vcal' parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...
EUVD-2020-29027
Malware in sbrugna...
SUSE CVE-2020-8117
Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event...
CVE-2022-45118
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...
OpenHarmony 安全漏洞
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. OpenHarmony telephonystateregistrytelephonysmsmms security vulnerability, the vulnerability in the communication subsystem of the phone to send public events with...
Threat Source newsletter (July 18, 2019)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. A group we’re calling “SWEED” may be behind years of Agent Tesla attacks. This week, we uncovered everything we know about this...