22 matches found
CVE-2023-4617
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions...
EUVD-2023-44261
Malicious code in bioql PyPI...
EUVD-2023-54470
Malicious code in bioql PyPI...
EUVD-2024-53474
Malicious code in bioql PyPI...
CVE-2024-56968
An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...
CVE-2024-56968
An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...
CVE-2024-56968
CVE-2024-56968 concerns the iOS app Govee Home from Shenzhen Intellirocks Tech Co. Ltd, specifically version 6.5.01 . The vulnerability description across multiple sources states that an attacker can access sensitive user information by supplying a crafted payload. The connected PT-2025-3369 entr...
PT-2025-3369 · Govee · Govee Home
Name of the Vulnerable Software and Affected Versions: Govee Home iOS version 6.5.01 Description: The issue allows attackers to access sensitive user information via supplying a crafted payload. Recommendations: For Govee Home iOS version 6.5.01, at the moment, there is no information about a new...
CVE-2024-56968
An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...
Govee Home 安全漏洞
Govee Home is an application from Govee, Inc. A security vulnerability exists in Govee Home version 6.5.01 that originates from an attacker being able to access sensitive user information by providing a carefully crafted link...
CVE-2024-56968
An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload...
CVE-2023-4617
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in...
CVE-2023-4617
CVE-2023-4617 describes an incorrect authorization vulnerability in the Govee Home application (Android and iOS) that is exploitable via the HTTP POST method. A remote attacker can manipulate the request fields—device , sku , and type —to gain control of devices owned by other users. Affected ver...
PT-2024-13332 · Govee · Govee Home
Name of the Vulnerable Software and Affected Versions: Govee Home versions prior to 5.9 Description: The issue is related to an incorrect authorization vulnerability in the HTTP POST method in the Govee Home application on Android and iOS. This allows a remote attacker to control devices owned by...
Govee Home 安全漏洞
Govee Home is an application from Govee, Inc. A security vulnerability exists in Govee Home that stems from an Authorization Error vulnerability in the HTTP POST method in the application, which allows remote attackers to take control of devices owned by other users by changing the values of the...
CVE-2023-3612
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...
CVE-2023-3612
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...
CVE-2023-3612 Unprotected WebView access in Govee Home App
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...
CVE-2023-3612
The CVE-2023-3612 issue affects the Govee Home app, where unprotected access to the WebView component allows any app on the device to open WebView. A crafted URL can enable JavaScript execution in the WebView context or display phishing content to steal sensitive data. Documented impact includes ...
CVE-2023-3612 Unprotected WebView access in Govee Home App
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...