EUVD-2025-203879

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

CVE-2025-14817

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

CVE-2025-14817 Factory Mode App Exists Privilege Escalation Issue Allowing Third-Party Apps to Open ADB

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

TECNO Pova6 Pro 5G 安全漏洞

TECNO Pova6 Pro 5G is a smartphone from TECNO, a Chinese company. A security vulnerability exists in TECNO Pova6 Pro 5G, which stems from a lack of privilege control in the com.transsion.tranfacmode.entrance.main.MainActivity component, which could result in a third-party application directly...

CVE-2023-47883

The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity...

Ikhgur mn.ikhgur.khotoch 安全漏洞

Ikhgur mn.ikhgur.khotoch Ikhgur Video Downloader Pro & Browser is a video downloader from Ikhgur. A security vulnerability exists in Ikhgur mn.ikhgur.khotoch Video Downloader Pro & Browser version 1.0.42 and earlier versions. An attacker can exploit the vulnerability to execute arbitrary JavaScri...

CVE-2024-46966

The Ikhgur mn.ikhgur.khotoch aka Video Downloader Pro & Browser application through 1.0.42 for Android allows an attacker to execute arbitrary JavaScript code via the mn.ikhgur.khotoch.MainActivity component...

CVE-2023-47883

The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity...

CVE-2023-47883

The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity...

CVE-2023-47883

The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity...

PT-2023-30656 · Unknown · Com.Altamirano.Fabricio.Tvbrowser

Name of the Vulnerable Software and Affected Versions: com.altamirano.fabricio.tvbrowser TV browser application versions through 4.5.1 for Android Description: The issue allows for JavaScript code execution via an explicit intent due to an exposed MainActivity. This could potentially lead to...

vlady-mix TV Browser Security Vulnerability

vlady-mix TV Browser is a web browser for Android TV from vlady-mix. A security vulnerability exists in vlady-mix TV Browser version 4.5.1 and earlier, which stems from an exposed MainActivity and can be exploited by an attacker to execute JavaScript code...

CVE-2023-47883

The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity...

CVE-2023-47883

The CVE-2023-47883 issue affects the com.altamirano.fabricio.tvbrowser TV browser app for Android (versions through 4.5.1). Affected component: MainActivity exposed to an explicit intent, enabling JavaScript code execution. Impact is high (CVE scoring shows critical severity, vector: network, no ...

CVE-2023-42470

The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content...

CVE-2023-42470

The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content...

CVE-2023-42470

The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content...

ASB-A-270050064

In multiple functions of multiple files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

ASB-A-262243665

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...