CVE-2025-25983

An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component...

CVE-2025-25983

CVE-2025-25983 affects Macro-video V380 Pro Android apps 2.1.44 and 2.1.64 through the app’s QE code based sharing component. The issue enables disclosure of sensitive data via the QR-based sharing flow: the QR payload encodes a device id, a key, and an encrypted message; practical analysis shows...

CVE-2025-25983

An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component...

Mattermost Mobile Apps Denial of Service Vulnerability

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A denial of service vulnerability exists in Mattermost Mobile Apps version 2.25.0, which stems from an improperly validated GIF image, and can be exploited by an attacker to crash an Android application via a message...

CVE-2025-1558

Mattermost Mobile Apps versions =2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF...

CVE-2025-1558 Denial of Service Via Malicious GIF

Mattermost Mobile Apps versions =2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF...

CVE-2025-1558 Denial of Service Via Malicious GIF

Mattermost Mobile Apps versions =2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF...

CVE-2025-1558

CVE-2025-1558 affects Mattermost Mobile Apps (versions ≤ 2.25.0). The root cause is improper validation of GIF images prior to rendering, which allows a remote attacker to crash the Android app via a message containing a specially crafted GIF. The vulnerability is described across multiple source...

CVE-2025-30113

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...

CVE-2025-30113

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...

CVE-2025-20926

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...

CVE-2025-20926

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...

CVE-2025-20926

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...

CVE-2025-20926

Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...

CVE-2025-1940

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. This issue only affects Android versions of Firefox.. This vulnerability was fixed in Firefox 136...

CVE-2025-24318 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Sensitive Cookie Without 'HttpOnly' Flag

Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to full session compromise...

CVE-2025-24318 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Sensitive Cookie Without 'HttpOnly' Flag

Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to full session compromise...

CVE-2025-24849 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Cleartext Transmission of Sensitive Information

Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data manipulation or exposure...

CVE-2025-24843 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Storage of Sensitive Data in a Mechanism without Access Control

Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data...

CVE-2025-23405 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Improper Output Neutralization For Logs

Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks ex log injection...