Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44261

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2024/12/19 9:39 a.m.64 views

CVE-2023-4617

CVE-2023-4617 describes an incorrect authorization vulnerability in the Govee Home application (Android and iOS) that is exploitable via the HTTP POST method. A remote attacker can manipulate the request fields—device , sku , and type —to gain control of devices owned by other users. Affected ver...

10CVSS9AI score0.00582EPSS
Exploits0References4
NVD
NVD
added 2023/09/11 10:15 a.m.25 views

CVE-2023-3612

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.8CVSS8.3AI score0.00448EPSS
Exploits0References1
OSV
OSV
added 2023/09/11 10:15 a.m.5 views

CVE-2023-3612

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.8CVSS5.8AI score0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/11 9:4 a.m.15 views

CVE-2023-3612 Unprotected WebView access in Govee Home App

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.2CVSS6.8AI score0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/11 9:4 a.m.22 views

CVE-2023-3612 Unprotected WebView access in Govee Home App

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.2CVSS8.8AI score0.00448EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/11 12:0 a.m.5 views

PT-2023-25434 · Govee · Govee Home

Name of the Vulnerable Software and Affected Versions: Govee Home app affected versions not specified Description: The Govee Home app has unprotected access to the WebView component, which can be opened by any app on the device. By sending a URL to a specially crafted site, an attacker can execut...

8.8CVSS8.6AI score0.00448EPSS
Exploits0References5
Rows per page
Query Builder