4837 matches found
CVE-2025-9677 Modo Legend of the Phoenix com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file AndroidManifest.xml of the component com.duige.hzw.multilingual. The manipulation results in improper export of android application components. The attack needs t...
CVE-2025-9677 Modo Legend of the Phoenix com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file AndroidManifest.xml of the component com.duige.hzw.multilingual. The manipulation results in improper export of android application components. The attack needs t...
CVE-2025-9673
A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.kakao.i.connect. The manipulation results in improper export of android application components. The...
CVE-2025-9671
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.passport.cash. Executing manipulation can lead to improper export of android application components. The attack needs to be launched...
CVE-2025-9672
The CVE-2025-9672 entry affects Rejseplanen App (package de.hafas.android.rejseplanen) up to version 8.2.2. The vulnerability arises from an improper export of AndroidManifest.xml components in the app, enabling a local attack. Public exploit details exist, and there was no response from the vend...
CVE-2025-9672 Rejseplanen App de.hafas.android.rejseplanen AndroidManifest.xml improper export of android application components
A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Affected is an unknown function of the file AndroidManifest.xml of the component de.hafas.android.rejseplanen. The manipulation leads to improper export of android application components. The attack needs to be performed...
UBUNTU-CVE-2025-9649
A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calcsleeptime of the file sendpackets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version...
CVE-2025-9649
CVE-2025-9649 affects appneta tcpreplay 4.5.1. The vulnerability is in the function calc_sleep_time (send_packets.c), where input handling leads to a divide-by-zero. Exploitation is local, with publicly disclosed exploit details. A fix is available in 4.5.3-beta3, and vendor notes indicate reprod...
Transbyte Scooper News App 安全漏洞
Transbyte Scooper News App is a news app from Transbyte, a Hong Kong, China-based company. A security vulnerability exists in Transbyte Scooper News App version 1.2 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...
Rejseplanen App 安全漏洞
Rejseplanen App is a mobile application from Rejseplanen, a Danish company, that has the ability to look up information about the specific operation of buses, trains, and locations in Denmark. A security vulnerability exists in Rejseplanen App version 8.2.2 and earlier, which stems from improper...
Modo Legend of the Phoenix 安全漏洞
Modo Legend of the Phoenix is a mobile game by China Modo. A security vulnerability exists in Modo Legend of the Phoenix 1.0.5 and earlier versions, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...
UAB Paytend App 安全漏洞
UAB Paytend App is a banking mobile application from UAB Paytend. A security vulnerability exists in UAB Paytend App version 2.1.9 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...
NCSOFT Universe App 安全漏洞
NCSOFT Universe App is a mobile game by South Korean company NCSOFT. A security vulnerability exists in NCSOFT Universe App version 1.3.0 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...
PT-2025-35310
Name of the Vulnerable Software and Affected Versions: Kakao Hey Kakao App versions up to 2.17.4 Description: A vulnerability exists in the Kakao Hey Kakao App on Android, affecting an unknown functionality within the AndroidManifest.xml file of the com.kakao.i.connect component. This issue resul...
Kakao Hey Kakao App 安全漏洞
Kakao Hey Kakao App is a messaging app from the South Korean company Kakao. A security vulnerability exists in Kakao Hey Kakao App version 2.17.4 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...
Baviux Voice Changer App 安全漏洞
Baviux Voice Changer App is a voice changer software from Baviux. A security vulnerability exists in Baviux Voice Changer App version 1.1.0 and earlier, which stems from improper component export in the file AndroidManifest.xml, and could lead to a local attack...
CVE-2025-9589
CVE-2025-9589 affects Cudy WR1200EA (version 2.3.7-20250113-121810). The vulnerability concerns an unknown function in the file /etc/shadow that can be manipulated to enable default password usage. Exploitation requires local access and is rated high in complexity, with exploitation described as ...
CVE-2025-9589 Cudy WR1200EA shadow default password
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The...
CVE-2025-9589 Cudy WR1200EA shadow default password
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The...
CVE-2025-9577
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this...