Simple bypass of the (optional) password lock screen by force-killing the application a few times. The exact cause of this is unclear; I have seen something previously where it was a "feature" because the developers thought it was crashing at that point, so they disabled it to let the user continue to use the application...
Trivial instance of client-side validation: in this case they were using the device's time to enforce a timeout, so by changing the time on the device you can make more attempts at the PIN.
Focuses on exploiting an Out-of-Bounds (OOB) read in the `IOSurface` subsystem. The vulnerability was an unchecked `scalar0` index into the scalar input array in `IOMobileFramebufferUserClient::get_displayed_surface()`, called by `IOMobileFramebuffers::s_displayed_fb_service()`...
Four vulnerabilities related to XPC services either not sufficiently checking application entitlements leading to disclosure of sensitive information
The vulnerability here is simply that Opera's Pinboard feature allows pinning URLs starting with `javascript:`, creating a clickable link on a Pinboard that will execute JavaScript. Unfortunately (for the attacker), these links open in a new window and not within the Pinboard context unless they are middle-clicked, in which case they trigger within the Pinboard context.
Brave, when configuring its File Provider, exposes all files from its public and private directories. This means an app could trigger a download of Brave's cookie database by making a request to the `content://` URL for it and have it downloaded into the Downloads folder, where any app could read it.
**tl;dr** WhatsApp stored TLS session resumption files on the SD card, where a malicious application or an attacker using social engineering could read them.