CVE-2023-35041

CVE-2023-35041 affects the WordPress plugin Webpushr Web Push Notifications (Webpushr) version

CVE-2023-26531

Cross-Site Request Forgery CSRF vulnerability in 闪电博 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 allows Cross Site Request Forgery.This issue affects 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条: from n/a through 4.2.7...

WordPress Plugin Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress Plugin Web Push Notifications - Webpushr Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

GO-2022-0326 Improper certificate validation in github.com/sigstore/cosign

Cosign can be manipulated to claim that an entry for a signature in the OCI registry exists in the Rekor transparency log even if it does not. This requires the attacker to have pull and push permissions for the signature in OCI. This can happen with both standard signing with a keypair and...

CVE-2023-42542

Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device...

CVE-2023-42542

Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device...

CVE-2023-42541

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id...

CVE-2023-42541

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id...

Improper access control

Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device...

Authorization

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id...

CVE-2023-42542

Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device...

CVE-2023-42542

Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device...

CVE-2023-42542

The CVE-2023-42542 issue is an improper access control in Samsung Push Service prior to version 3.4.10. It allows a local attacker to obtain a device register ID, enabling device identification. Affected software: Samsung Push Service up to version 3.4.9.0 (prior to 3.4.10). Root cause: inadequat...

CVE-2023-42541

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id...

CVE-2023-42541

Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id...

CVE-2023-42541

CVE-2023-42541 affects Samsung Push Service (PushClientProvider). The issue is improper authorization that, in versions prior to 3.4.10, could allow an attacker to access a unique ID. Evidence from multiple sources confirms the affected software, the vulnerable component (PushClientProvider), and...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices prior to version 3.4.10, which stems from an improper access control vulnerability in the...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices prior to version 3.4.10, which stems from improper authorization in the PushClientProvider o...

PT-2023-28409 · Samsung · Samsung Push Service

Name of the Vulnerable Software and Affected Versions: Samsung Push Service versions prior to 3.4.10 Description: The issue is related to improper access control, allowing local attackers to obtain a register ID that can be used to identify the device. Recommendations: For versions prior to 3.4.1...