Canarytokens 安全漏洞

Canarytokens is an open source web activity tracking system from Thinkst Applied Research. A security vulnerability exists in Canarytokens that stems from a server-side request forgery vulnerability that was discovered in the Webhook alert feature...

CVE-2023-27108

An issue was discovered in KaiOS 3.0. The pre-installed Communications application exposes a Web Activity that returns the user's call log without origin or permission checks. An attacker can inject a JavaScript payload that runs in a browser or app without user interaction or consent. This allow...

CVE-2023-27108

An issue was discovered in KaiOS 3.0. The pre-installed Communications application exposes a Web Activity that returns the user's call log without origin or permission checks. An attacker can inject a JavaScript payload that runs in a browser or app without user interaction or consent. This allow...

PT-2023-20958 · Kaios · Kaios

Name of the Vulnerable Software and Affected Versions: KaiOS version 3.0 Description: An issue was discovered in the pre-installed Communications application, which exposes a Web Activity that returns the user's call log without origin or permission checks. An attacker can inject a JavaScript...

Thinkst Canarytokens 跨站脚本漏洞

Thinkst Canarytokens is a web activity tracking system. Thinkst Canarytokens suffers from a cross-site scripting vulnerability that stems from the history page of the canarytoken it triggers allowing an attacker to implement cross-site scripting...

How to Limit How Long Google Keeps Your Data

Google has a new feature that lets you delete your web and app activity after three months. Here's how to use it...

Google Adds New Option to 'Auto-Delete' Your Location History and Activity Data

Google is giving you more control over how long you want the tech company to hold on to your location history and web activity data. Google has introduced a new, easier, privacy-focused auto-delete feature for your Google account that will allow you to automatically delete your Location History a...

Google Adds New Option to 'Auto-Delete' Your Location History and Activity Data

Google is giving you more control over how long you want the tech company to hold on to your location history and web activity data. Google has introduced a new, easier, privacy-focused auto-delete feature for your Google account that will allow you to automatically delete your Location History a...

Facebook Paid Teens $20 to Install 'Research' App That Collects Private Data

If you are thinking that Facebook is sitting quietly after being forced to remove its Onavo VPN app from Apple's App Store, then you are mistaken. It turns out that Facebook is paying teenagers around $20 a month to use its VPN app that aggressively monitors their smartphone and web activity and...

Over 400 Popular Sites Record Your Every Keystroke and Mouse Movement

How many times it has happened to you when you look for something online and the next moment you find its advertisement on almost every other web page or social media site you visit? Web-tracking is not new. Most of the websites log its users' online activities, but a recent study from Princeton...

Apple iOS Safari Component Information Disclosure Vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices, of which Safari is a web browser component. A security vulnerability exists in the Safari component in Apple iOS versions prior to 10.3. The vulnerability can be exploited by a local attacker to gain access to a user's...

Blue Coat Reporter Unauthenticated Directory Traversal

Exploit for hardware platform in category remote exploits Exploit Title: Blue Coat Reporter Unauthenticated Directory Traversal Author: nitr0us / http://twitter.com/nitr0usmx Software Link: http://www.bluecoat.com/products/reporter Version: 9.2.x - 9.1.x Tested on: Windows Server 2003 Standard Bl...