CVE-2023-43999

An issue in COLORFULlaundry mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-43996

An issue in Q co ltd mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-29534

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects...

CVE-2023-49098

Discourse-reactions is a plugin that allows user to add their reactions to the post. Data about a user's reaction notifications could be exposed. This vulnerability was patched in commit 2c26939...

CVE-2023-45561

An issue in A-WORLD OIRASE BEERwaiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...

CVE-2023-40073

In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40106

In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40098

In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...

CVE-2018-21056

An issue was discovered on Samsung mobile devices with O8.x software. The Smartwatch displays Secure Folder Notification content. The Samsung ID is SVE-2018-12458 September 2018...

CVE-2018-14997

The Leagoo P1 Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains the android framework i.e., systemserver with a package name of android that has been modified by Leagoo or another entity in the supply chain. The systemserv...

CVE-2021-0385

In createConnectToAvailableNetworkNotification of ConnectToNetworkNotificationBuilder.java, there is a possible connection to untrusted WiFi networks due to notification interaction above the lockscreen. This could lead to local escalation of privilege with no additional execution privileges...

CVE-2021-0682

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-0331

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2022-38268

School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/autonumber/index.php?view=edit=...

CVE-2022-38269

School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/modstudent/index.php?view=edit=...

CVE-2019-18653

A Cross Site Scripting XSS issue exists in Avast AntiVirus Free, Internet Security, and Premiere Edition 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name...

CVE-2019-18654

A Cross Site Scripting XSS issue exists in AVG AntiVirus Internet Security Edition 19.3.3084 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name...

CVE-2019-11547

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has Improper Encoding or Escaping of Output. The branch name on new merge request notification emails isn't escaped, which could potentially lead to XSS issues...

CVE-2019-20599

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Voice Assistant mishandles the notification audibility of a secured app. The Samsung ID is SVE-2018-13326 May 2019...

CVE-2020-10834

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can view notifications on the lock screen via Routines. The Samsung ID is SVE-2019-15074 February 2020...