97 matches found
CVE-2022-26706
An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions...
EUVD-2020-26790
Malware in sbrugna...
EUVD-2007-3468
Malware in sbrugna...
EUVD-2008-3617
Malware in sbrugna...
EUVD-2023-48486
Malicious code in bioql PyPI...
EUVD-2022-31256
Malicious code in bioql PyPI...
EUVD-2022-27405
Malicious code in bioql PyPI...
EUVD-2025-19527
Malicious code in bioql PyPI...
EUVD-2023-38260
Malicious code in bioql PyPI...
CVE-2022-32945
An access issue was addressed with additional sandbox restrictions on third-party apps. This issue is fixed in macOS Ventura 13. An app may be able to record audio with paired AirPods...
CVE-2022-22258
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege...
CVE-2021-21732
A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper permission settings, third-party applications can read some files in the proc file system without authorization. Attackers could exploit this vulnerability to obtain sensitive information. This affects Axo...
New Research: The State of Web Exposure 2025
Are your websites leaking sensitive data? New research reveals that 45% of third-party apps access user info without proper authorization, and 53% of risk exposures in Retail are due to the excessive use of tracking tools. Learn how to uncover and mitigate these hidden threats and risks—download...
CVE-2024-11696
The Mozilla Foundation's Security Advisory: The application can fail to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw is triggered by an invalid or unsupported extension manifest and could cause runtime errors that disrupt the...
CVE-2024-11696
The application failed to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the...
CVE-2024-11696
The application failed to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the...
BEC-ware the Phish (part 2): Respond and Remediate Incidents in M365
TL;DR Ensure you can reliably take initial containment actions such as disabling accounts, resetting passwords, and revoking tokens. Token binding ensures that a token only works on the specific device the token was issued and is currently the best protection against token theft. As a minimum...
CVE-2024-45240
The TikTok aka com.zhiliaoapp.musically application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal in the application's exposed WebView. On Android 12 and later, this is only exploitable by third-party applications...
ROS-20240812-01
The vulnerability in the Kerberos 5 Heimdal implementation is due to bugs in the Heimdal PKI certificate checks, affecting KDC via PKINIT and kinit via PKINIT, as well as any third-party applications, that utilize libhx509 Heimdal. Exploitation of the vulnerability could allow an attacker acting...
From 500 to 5000 Employees - Securing 3rd Party App-Usage in Mid-Market Companies
A company's lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and...