Lucene search
K

76106 matches found

NVD
NVD
added 2 days ago9 views

CVE-2026-21055

Improper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege...

8.5CVSS0.00121EPSS
Exploits0References1
NVD
NVD
added 2 days ago9 views

CVE-2026-21054

Improper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data...

6.9CVSS0.00115EPSS
Exploits0References1
CVE
CVE
added 2 days ago11 views

CVE-2026-21055

CVE-2026-21055 affects Bixby on Android prior to version 4.0.70.8. The flaw is improper export of Android components , allowing local attackers to execute arbitrary commands with Bixby privilege . The CVSS metrics indicate a HIGH impact (local exploit, no user interaction, high confidentiality/in...

8.5CVSS6.2AI score0.00121EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-21055

Improper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege...

8.5CVSS6.2AI score0.00121EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-42825

Improper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege...

8.5CVSS6.2AI score0.00121EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-21055

Improper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege...

8.5CVSS0.00121EPSS
Exploits0References1
CVE
CVE
added 2 days ago13 views

CVE-2026-21054

The CVE-2026-21054 describes an issue in the InputSharing Android component where improper export of application components before version 2.7.01.4 allows local attackers to access sharing data. Affected software: InputSharing, vulnerable up to but not including 2.7.01.4. Root cause: Android comp...

6.9CVSS5.9AI score0.00115EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-21054

Improper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data...

6.9CVSS5.9AI score0.00115EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-42824

Improper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data...

6.9CVSS5.9AI score0.00115EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-21054

Improper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data...

6.9CVSS0.00115EPSS
Exploits0References1
NVD
NVD
added 3 days ago9 views

CVE-2026-58378

Allwinner H616 TV Box TV98 has ADB enabled and exposed to the network on production. An attacker could request for ADB authorization and gain root level privileges if the victim allows access...

8.8CVSS0.00242EPSS
Exploits0References2
CVE
CVE
added 3 days ago11 views

CVE-2026-58378

CVE-2026-58378 affects the Allwinner H616 TV Box TV98 where ADB is enabled and exposed on production to the network. The vulnerability can allow an attacker to request ADB authorization and obtain root privileges if the user authorizes access. Public metrics show a high severity (CVSS v3.1/4.0 ba...

8.8CVSS6AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-42661

Allwinner H616 TV Box TV98 has ADB enabled and exposed to the network on production. An attacker could request for ADB authorization and gain root level privileges if the victim allows access...

8.8CVSS6AI score0.00242EPSS
Exploits0References2
NVD
NVD
added 3 days ago7 views

CVE-2026-15193

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...

5.3CVSS0.00683EPSS
Exploits0References7
CVE
CVE
added 3 days ago10 views

CVE-2026-13462

PayRange Android app (version 7.0.7 and below) is affected by CVE-2026-13462 due to an SSL bypass in WebViews, allowing invalid certificates to be accepted. This enables a remote, unauthenticated attacker to intercept and exfiltrate data the user submits via the app. Attack surface is the app’s W...

7.5CVSS6AI score0.00229EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-13462

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...

7.5CVSS6AI score0.00229EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-13462 PayRange for Android, version 7.0.7, contains an SSL bypass vulnerability

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...

0.00229EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-42637

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...

7.5CVSS6AI score0.00229EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-15193

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...

5.3CVSS5.5AI score0.00683EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-15193 AidanPark openclaw-android Android WebView Bridge JsBridge.kt os command injection

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...

5.3CVSS0.00683EPSS
Exploits0References7
Rows per page
Query Builder