Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.5 views

CVE-2023-4617

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions...

10CVSS6.9AI score0.00571EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44261

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00448EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-54470

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00571EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-53474

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:9 a.m.6 views

CVE-2024-56968

An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...

6.5CVSS6.1AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 7:15 p.m.16 views

CVE-2024-56968

An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...

6.5CVSS0.0031EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 12:0 a.m.49 views

CVE-2024-56968

CVE-2024-56968 concerns the iOS app Govee Home from Shenzhen Intellirocks Tech Co. Ltd, specifically version 6.5.01 . The vulnerability description across multiple sources states that an attacker can access sensitive user information by supplying a crafted payload. The connected PT-2025-3369 entr...

6.5CVSS6.2AI score0.0031EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.4 views

PT-2025-3369 · Govee · Govee Home

Name of the Vulnerable Software and Affected Versions: Govee Home iOS version 6.5.01 Description: The issue allows attackers to access sensitive user information via supplying a crafted payload. Recommendations: For Govee Home iOS version 6.5.01, at the moment, there is no information about a new...

6.5CVSS6.5AI score0.0031EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/27 12:0 a.m.5 views

CVE-2024-56968

An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...

6AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.4 views

Govee Home 安全漏洞

Govee Home is an application from Govee, Inc. A security vulnerability exists in Govee Home version 6.5.01 that originates from an attacker being able to access sensitive user information by providing a carefully crafted link...

6.5CVSS6.3AI score0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 12:0 a.m.13 views

CVE-2024-56968

An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...

0.0031EPSS
Exploits0References1
NVD
NVD
added 2024/12/19 10:15 a.m.45 views

CVE-2023-4617

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in...

10CVSS0.00571EPSS
Exploits0References4
CVE
CVE
added 2024/12/19 9:39 a.m.60 views

CVE-2023-4617

CVE-2023-4617 describes an incorrect authorization vulnerability in the Govee Home application (Android and iOS) that is exploitable via the HTTP POST method. A remote attacker can manipulate the request fields—device , sku , and type —to gain control of devices owned by other users. Affected ver...

10CVSS9AI score0.00571EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.5 views

PT-2024-13332 · Govee · Govee Home

Name of the Vulnerable Software and Affected Versions: Govee Home versions prior to 5.9 Description: The issue is related to an incorrect authorization vulnerability in the HTTP POST method in the Govee Home application on Android and iOS. This allows a remote attacker to control devices owned by...

10CVSS7.2AI score0.00571EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.4 views

Govee Home 安全漏洞

Govee Home is an application from Govee, Inc. A security vulnerability exists in Govee Home that stems from an Authorization Error vulnerability in the HTTP POST method in the application, which allows remote attackers to take control of devices owned by other users by changing the values of the...

10CVSS6.9AI score0.00571EPSS
Exploits0References4
OSV
OSV
added 2023/09/11 10:15 a.m.5 views

CVE-2023-3612

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.8CVSS5.8AI score0.00448EPSS
Exploits0References1
NVD
NVD
added 2023/09/11 10:15 a.m.24 views

CVE-2023-3612

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.8CVSS8.3AI score0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/11 9:4 a.m.14 views

CVE-2023-3612 Unprotected WebView access in Govee Home App

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.2CVSS6.8AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2023/09/11 9:4 a.m.47 views

CVE-2023-3612

The CVE-2023-3612 issue affects the Govee Home app, where unprotected access to the WebView component allows any app on the device to open WebView. A crafted URL can enable JavaScript execution in the WebView context or display phishing content to steal sensitive data. Documented impact includes ...

8.8CVSS8.3AI score0.00448EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/11 9:4 a.m.20 views

CVE-2023-3612 Unprotected WebView access in Govee Home App

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.2CVSS8.8AI score0.00448EPSS
Exploits0References1
Rows per page
Query Builder