CVE-2025-3646

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...

CVE-2025-3646

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...

CVE-2025-3646 Petlibro Smart Pet Feeder Platform through 1.7.31 Authorization Bypass via Device Share API

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...

CVE-2025-3646 Petlibro Smart Pet Feeder Platform through 1.7.31 Authorization Bypass via Device Share API

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...

PT-2026-1179

Name of the Vulnerable Software and Affected Versions Petlibro Smart Pet Feeder Platform versions up to 1.7.31 Description The Petlibro Smart Pet Feeder Platform is affected by an authorization bypass. This allows unauthorized users to add themselves as shared owners to any device. The issue is d...

EUVD-2022-24471

Malicious code in bioql PyPI...

CVE-2025-6088

In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation sharing feature allow unauthorized access to other users' conversations if the conversation ID is known. Although UUIDv4 conversation IDs are generated server-side and are difficult to brute force, they...

SUSE CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

CVE-2022-1128

CVE-2022-1128 affects Google Chrome on Windows and is caused by an inappropriate implementation of the Web Share API. The issue allows a crafted HTML page on a local network segment to leak cross-origin data. The vulnerability is tied to Chrome versions prior to 100.0.4896.60. The CVSS v3.1 vecto...

The vulnerability in the application programming interface for data exchange via Web Share browsers like Google Chrome and Microsoft Edge allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the application programming interface for data exchange via Web Share browsers in Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker to compromise the confidentiality...

Debian DSA-5112-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5112 advisory. - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially...

Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA12495 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Portals can be...

Google Chrome < 100.0.4896.60 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 100.0.4896.60. It is, therefore, affected by multiple vulnerabilities as referenced in the 202203stable-channel-update-for-desktop29 advisory. - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allow...

FreeBSD : chromium -- multiple vulnerabilities (ab2d7f62-af9d-11ec-a0b8-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ab2d7f62-af9d-11ec-a0b8-3065ec8fd3ec advisory. - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who...