20 matches found
CVE-2026-56296
creationtimestamp| type| source ---|---|--- 2026-07-11 14:40:13+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqevevaz5z2z 2026-07-11 15:36:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqeyjfs3bh2x...
CVE-2025-12008 IDOR in APPYAP's Yaay Social Media App
Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yaay Social Media App: from 3.8.0 through 24102025...
PT-2026-40908
Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yaay Social Media App: from 3.8.0 through 24102025...
CVE-2026-42155
creationtimestamp| type| source ---|---|--- 2026-05-04 20:56:34+00:00| published-proof-of-concept| https://github.com/OpenMage/magento-lts/security/advisories/GHSA-2cwr-gcf9-pvxr 2026-05-16 03:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlwu63uqud2d...
CampusConnect 安全漏洞
CampusConnect is a university social networking application developed by CampusConnect in Ireland. Versions of CampusConnect prior to 14.3.5 contained a security vulnerability due to the use of hard-coded encryption keys...
CVE-2025-68943
creationtimestamp| type| source ---|---|--- 2025-12-26 04:54:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mauisc3sqs22...
EUVD-2020-29146
Malware in sbrugna...
CVE-2020-8278
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user...
Nextcloud Social app access control error vulnerability
Nextcloud Nextcloud Social app is a social application from Nextcloud Germany. An access control error vulnerability exists in version 0.3.1 of the Nextcloud Social app. The vulnerability is related to the control system of the affected version not properly handling user access requests. There is...
CVE-2020-8278
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user...
CVE-2020-8278
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user...
Improper access control
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user...
CVE-2020-8278
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user...
CVE-2020-8278
CVE-2020-8278 corresponds to a vulnerability in the Nextcloud Social app (version 0.3.1) where improper access control allows reading posts of any user. The root cause is missing authentication/authorization checks in the Social app’s access flow (notably the displayPost path in the ActivityPubCo...
Improper access control to messages of Social app (NC-SA-2020-042)
Improper access control in Social app 0.3.1 allowed to read posts of any user...
Social App does not validate server certificates for outgoing connections (NC-SA-2020-043)
Missing validation of server certificates for out-going connections allowed a man-in-the-middle attack...
Nextcloud: Improper access control to messages of Social app
The Social App https://apps.nextcloud.com/apps/social lacks access controls in the displayPost function /@username/token allowing an unauthenticated user to view any message content by knowing or guessing the message ID. The vulnerable code is at...
Nextcloud: Social App does not validate server certificates for outgoing connections
The Social App https://apps.nextcloud.com/apps/social does not validate the server TLS certificate for connections to other ActivityPub servers. These connections are used to retrieve the public key for a user or posting a message to another ActivityPub server. The public key for a user is used t...
VR social app Bigscreen presence of security vulnerabilities, hackers executable MITR attack-vulnerability warning-the black bar safety net
Connecticut West Haven University security team found the VR social platform Bigscreen there is a serious security vulnerability. The vulnerability allows the attacker without the player permission to enter their virtual reality space, thereby enhancing system is embedded in a malicious program b...
Fast - Social App - Customized SSL, Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Fast - Social App published at the 'play' market has multiple vulnerabilities...