Lucene search
+L

96 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-8282

Malicious code in bioql PyPI...

8.1CVSS6.8AI score0.00842EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26966

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-41372

Malicious code in bioql PyPI...

4.3CVSS4.6AI score0.00277EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8147

Malicious code in bioql PyPI...

6.1CVSS5.3AI score0.00821EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2021-8246

Malicious code in bioql PyPI...

6.1CVSS5.3AI score0.01157EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-8189

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00869EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/07 5:33 a.m.7 views

CVE-2025-41408

Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker may lead a user to access an arbitrary website on the vulnerable App. As a result, the user may become a victim of a phishing attac...

5.3CVSS5AI score0.00253EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/05 6:12 a.m.6 views

"Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly

Overview "Yahoo! Shopping" App for Android provided by LY Corporation contains the following vulnerability. Improper authorization in handler for custom URL scheme CWE-939 - CVE-2025-41408 Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5.3CVSS6.8AI score0.00253EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:7 a.m.7 views

CVE-2024-45203

Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a...

4.3CVSS6.6AI score0.00277EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.11 views

CVE-2024-44155

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy...

6.5CVSS5.8AI score0.00517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:17 a.m.10 views

CVE-2024-40867

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox...

9.6CVSS5.9AI score0.007EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:36 a.m.10 views

CVE-2023-44689

e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...

4.3CVSS6.9AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 p.m.9 views

CVE-2021-20873

Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may ...

8.1CVSS6.7AI score0.00842EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.4 views

CVE-2021-20733

Improper authorization in handler for custom URL scheme vulnerability in あすけんダイエット asken diet for Android versions from v.3.0.0 to v.4.2.x allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

6.1CVSS7AI score0.00821EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/12/16 12:0 a.m.12 views

JVN#08430039: "Shonen Jump+" App for Android fails to restrict custom URL schemes properly

"Shonen Jump+" App for Android provided by SHUEISHA INC. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a use...

3.3CVSS7AI score0.00165EPSS
Exploits0
CVE
CVE
added 2024/12/05 2:42 a.m.57 views

CVE-2024-54014

CVE-2024-54014 affects the Skylark App for Android (≤ 6.2.13) and iOS (≤ 6.2.13). The issue is an improper authorization in the handler for the app’s Custom URL Scheme, which could cause the app to load an arbitrary web site via another application on the device. According to the sources, the vul...

3.6CVSS6.6AI score0.0019EPSS
Exploits0References3
NVD
NVD
added 2024/10/28 9:15 p.m.13 views

CVE-2024-44155

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy...

6.5CVSS0.00517EPSS
Exploits0References6
NVD
NVD
added 2024/10/28 9:15 p.m.13 views

CVE-2024-40867

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox...

9.6CVSS0.007EPSS
Exploits0References2
CVE
CVE
added 2024/10/28 9:8 p.m.71 views

CVE-2024-44155

CVE-2024-44155 affects Apple Safari and related OS components via a custom URL scheme handling issue. The root cause is improved input validation, addressing a vulnerability that could allow malicious web content to violate the iframe sandboxing policy. Public details indicate the fix is applied ...

6.5CVSS5.8AI score0.00517EPSS
Exploits0References6Affected Software5
Vulnrichment
Vulnrichment
added 2024/10/28 9:8 p.m.13 views

CVE-2024-44155

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy...

5.8AI score0.00517EPSS
Exploits0References5
Rows per page
Query Builder