Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.