82 matches found
EUVD-2026-21438
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
CVE-2026-35643 OpenClaw < 2026.3.22 - Arbitrary Code Execution via Unvalidated WebView JavascriptInterface
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
CVE-2026-35643
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
EUVD-2022-42307
Malicious code in bioql PyPI...
EUVD-2022-52575
Malicious code in bioql PyPI...
CVE-2022-28799
The TikTok application before 23.7.3 for Android allows account takeover. A crafted URL unvalidated deeplink can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click...
CVE-2022-39862
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R11 and 3.3.03.66 in Android S12 allows unauthorized use of javascript interface api...
CVE-2022-30746
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API...
CVE-2023-39493
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-39493
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-37330
Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-27363
Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...
CVE-2023-27363
Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...
CVE-2023-39493
CVE-2023-39493 affects PDF-XChange Editor. The vulnerability is in the exportAsText method, where a JavaScript interface exposes the ability to write arbitrary files, enabling remote code execution in the context of the current user. Exploitation requires user interaction (target user must visit ...
CVE-2023-39493 PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-39493 PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-37330 Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability
Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-27363
Foxit CVE-2023-27363 affects Foxit PDF Reader/Editor (including PhantomPDF lineage) via exportXFAData. The flaw arises from a JavaScript interface that allows writing arbitrary files, enabling remote code execution in the user context. Exploitation requires user interaction (visiting a malicious ...
CVE-2023-27363 Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability
Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...
CVE-2023-27363 Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability
Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...