46 matches found
Global Web, Local Privacy? an International Review of Web Tracking
Web tracking by ad networks, social networks, and other third parties is privacy-invasive. To protect users' privacy an increasing number of countries are adopting new privacy laws. However, a major reason why their application on the web is so challenging is that privacy laws are local while the...
TOR Virtual Network Tunneling Tool 0.4.9.5
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...
PT-2026-7799
Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 26.3 Apple iOS versions prior to 26.3 Apple iPadOS versions prior to 26.3 Apple macOS Tahoe versions prior to 26.3 Apple visionOS versions prior to 26.3 Description A website may be able to track users through...
EUVD-2022-4785
Malicious code in bioql PyPI...
EUVD-2022-35934
Malicious code in bioql PyPI...
Every Keystroke You Make: a Tech-Law Measurement and Analysis of Event Listeners for Wiretapping
The privacy community has a long track record of investigating emerging types of web tracking techniques. Recent work has focused on compliance of web trackers with new privacy laws such as Europe's GDPR and California's CCPA. Despite the growing body of research documenting widespread lack of...
New Study Shows Google Tracking Persists Even With Privacy Tools
A new SafetyDetectives study reveals the surprising extent of Google tracking across the web in the US, UK, Switzerland, and Sweden. Discover how Google Analytics, AdSense, and YouTube embeds collect your data, even when using DuckDuckGo...
SoK: Advances and Open Problems in Web Tracking
Web tracking is a pervasive and opaque practice that enables personalized advertising, retargeting, and conversion tracking. Over time, it has evolved into a sophisticated and invasive ecosystem, employing increasingly complex techniques to monitor and profile users across the web. The research...
CVE-2022-25772
A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...
Web tracking report: who monitored users’ online activities in 2023–2024 the most
Web tracking has become a pervasive aspect of our online experience. Whether we're browsing social media, playing video games, shopping for products, or simply reading news articles, trackers are silently monitoring our online behavior, fueling the ceaseless hum of countless data centers worldwid...
SUSE CVE-2023-38599
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information...
Apple iOS 和 iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. Apple iOS and iPadOS have a security vulnerability that originates from websites that may be able to track...
Google delays Chrome third party cookie sunsetting…again
Weve seen many examples of third-party cookies being tackled by browsers recently. Its not so long ago that Firefox effectively locked down third-party tracking by isolating cookies into so-called jars. By doing so, their "Total Cookie Protection" seeks to prevent all those cookies on your PC...
Malicious code in tinkoff-web-tracking (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8430ad0ed9e8c2a8e9493419b210bb23aef0c358fcb5c01283db9d6f272093d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-25772
A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...
CVE-2022-25772
A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...
Cross site scripting
A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...
CVE-2022-25772
The CVE-2022-25772 entry corresponds to a cross-site scripting vulnerability in Mautic’s web tracking component present in versions before 4.3.0. The root cause is improper sanitization of user metadata collected from tracking pixels, enabling remote attackers to inject executable JavaScript. Pub...
CVE-2022-25772
A cross-site scripting XSS vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript...
PT-2022-17503 · Mautic · Mautic
Name of the Vulnerable Software and Affected Versions: Mautic versions prior to 4.3.0 Description: A cross-site scripting XSS vulnerability in the web tracking component allows remote attackers to inject executable javascript. The issue arises because the output of tracking metadata is not...