Lucene search
K

102 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.13 views

CVE-2023-6542

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL...

7.1CVSS6.9AI score0.00222EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:22 a.m.13 views

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

9.6CVSS6.7AI score0.00523EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:22 a.m.11 views

CVE-2023-24601

OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree...

6.1CVSS5.8AI score0.00428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:15 a.m.3 views

CVE-2023-22472

Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. e.g. in an email, chat link...

8.8CVSS6.9AI score0.00204EPSS
Exploits0References1
Snyk
Snyk
added 2025/04/08 4:33 p.m.2 views

Access Control Bypass

Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Access Control Bypass due to improper access control mechanisms. An attacker can access documents of other customers by guessing the deepLinkCode of a...

6.3CVSS6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.11 views

PT-2024-35: Automatic explicit deep link assignment in Android Jetpack Navigation Library

The vulnerability was identified in Android Jetpack Navigation Library in versions 2.8.1. The discovered vulnerability allows an attacker, using automatically assigned explicit deep links, to open arbitrary screens in the application and pass them arbitrary parameters Vulnerability status:...

7.8CVSS7.3AI score
Exploits0References3
NVD
NVD
added 2024/06/11 7:16 p.m.26 views

CVE-2024-34405

Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app...

9.1CVSS0.00472EPSS
Exploits0References2
NVD
NVD
added 2024/06/11 7:16 p.m.20 views

CVE-2024-34406

Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep link...

5.3CVSS0.00357EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.6 views

McAfee Security Antivirus VPN for Android Security Vulnerability

McAfee Security Antivirus VPN for Android is a network security software from McAfee, Inc. A security vulnerability exists in McAfee Security Antivirus VPN for Android prior to version 8.3.0, which stems from an improper exception handling that could allow an attacker to cause a denial of service...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/11 12:0 a.m.10 views

CVE-2024-34406

Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep link...

6.8AI score0.00357EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/11 12:0 a.m.17 views

CVE-2024-34406

Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep link...

0.00357EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/11 12:0 a.m.31 views

CVE-2024-34405

Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app...

0.00472EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.5 views

McAfee Security Antivirus VPN for Android Security Vulnerability

McAfee Security Antivirus VPN for Android is a cybersecurity software from McAfee USA. A security vulnerability exists in McAfee Security Antivirus VPN for Android prior to version 8.3.0, which stems from improper deep link validation and allows an attacker to launch arbitrary URLs within the...

9.1CVSS6.8AI score0.00472EPSS
Exploits0References4
CVE
CVE
added 2024/06/11 12:0 a.m.46 views

CVE-2024-34406

Summary: CVE-2024-34406 affects McAfee Security: Antivirus VPN for Android, specifically versions prior to 8.3.0. The issue is described as improper exception handling that could allow an attacker to cause a denial of service through the use of a malformed deep link. What’s affected: Android app ...

5.3CVSS6.8AI score0.00357EPSS
Exploits0References2
CVE
CVE
added 2024/06/11 12:0 a.m.50 views

CVE-2024-34405

The CVE-2024-34405 entry concerns McAfee Security: Antivirus VPN for Android prior to version 8.3.0. The issue is described as improper deep link validation, which could allow an attacker to launch an arbitrary URL from within the app. The RedHat/CNNVD/CVE ecosystem sources corroborate the genera...

9.1CVSS7AI score0.00472EPSS
Exploits0References2
NVD
NVD
added 2024/06/03 8:15 p.m.22 views

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

9.6CVSS6.3AI score0.00523EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/03 12:0 a.m.4 views

PT-2024-14074 · Kakao · Kakaotalk

Name of the Vulnerable Software and Affected Versions: KakaoTalk version 10.4.3 Description: A deep link validation issue allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leak...

9.6CVSS6.4AI score0.00523EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/06/03 12:0 a.m.18 views

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

6.3AI score0.00523EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/03 12:0 a.m.30 views

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

6.3AI score0.00523EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.5 views

PT-2024-4663 · Mcafee · Mcafee Security: Antivirus Vpn For Android

Name of the Vulnerable Software and Affected Versions: McAfee Security: Antivirus VPN for Android versions prior to 8.3.0 Description: The issue is related to improper deep link validation, which could allow an attacker to launch an arbitrary URL within the app. This could potentially lead to...

9.4CVSS7.3AI score0.00472EPSS
Exploits0References7
Rows per page
Query Builder