CVE-2024-45361

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information...

CVE-2025-25330

An issue in Boohee Technology Boohee Health iOS 13.0.13 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2024-56966

An issue in Shanghai Xuan Ting Entertainment Information & Technology Co., Ltd Qidian Reader iOS 5.9.384 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2024-56960

An issue in Tianjin Xiaowu Information technology Co., Ltd BeiKe Holdings iOS 1.3.50 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2024-56965

An issue in Shanghai Shizhi Information Technology Co., Ltd Shihuo iOS 8.16.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2024-56965

An issue in Shanghai Shizhi Information Technology Co., Ltd Shihuo iOS 8.16.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2024-44293

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. A user may be able to view sensitive user information...

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:4207-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4207-1 advisory. - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big S...

CVE-2022-22594

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information...

SiCKRAGE cross-site scripting vulnerability (CNVD-2021-29111)

SickRage is an automated video library manager for TV programs. A stored cross-site scripting vulnerability exists in SiCKRAGE version 4.2.0 - 10.0.11.dev1. The vulnerability stems from the server processing user input without properly validating user input. An attacker can exploit the...

Automattic WooCommerce Order Export Cross-Site Scripting Vulnerability

Automattic WooCommerce is the United States Automattic company's set of open source e-commerce platform based on WordPress . A cross-site scripting vulnerability exists in WooCommerce Order Export in versions prior to 3.1.8. The vulnerability stems from the fact that Advanced Order Export allows...

A vulnerability exists in the Android version of the Miramar app that does not disable app debugging privileges.

The Beauty Talk app is a software used for online shopping. A vulnerability exists in the Android version of Meilizhou app where the APP debugging privilege is not closed. Attackers can use the vulnerability to debug the app to obtain sensitive user information...

CVE-2002-0963

SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter...

CVE-2000-0936

Samba Web Administration Tool SWAT in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords...