5 matches found
CVE-2024-0020
In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
CVE-2023-27035 affects Obsidian Canvas 1.1.9. The issue allows remote attackers to trigger sensitive Web APIs from embedded pages on the canvas, enabling actions such as sending desktop notifications and recording the user’s audio without explicit user permission. The root cause, as described in ...