CVE-2023-49001

An issue in Indi Browser aka kvbrowser v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component...

CVE-2023-49001

An issue in Indi Browser aka kvbrowser v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component...

Design/Logic Flaw

An issue in Indi Browser aka kvbrowser v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component...

PT-2023-31026 · Unknown · Indi Browser

Name of the Vulnerable Software and Affected Versions: Indi Browser aka kvbrowser version 12.11.23 Description: An issue in Indi Browser allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component. Recommendations: For version...

Indi Browser Security Vulnerability

Indi Browser is a browser from Indi Browser, Inc. A security vulnerability exists in Indi Browser version v.12.11.23, which stems from a vulnerability that allows an attacker to bypass intended access restrictions by interacting with the com.example.gurry.kvbrowswer.webview component...

Design/Logic Flaw

The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...

CVE-2023-42471

The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...

PT-2023-28361 · Unknown · Wave.Ai.Browser

Name of the Vulnerable Software and Affected Versions: wave.ai.browser application through 1.0.35 for Android Description: The issue allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the...

CVE-2023-26311

A remote code execution vulnerability in the webview component of OPPO Store app...

Remote code execution

A remote code execution vulnerability in the webview component of OPPO Store app...

CVE-2023-26309

A remote code execution vulnerability in the webview component of OnePlus Store app...

CVE-2023-26309

A remote code execution vulnerability in the webview component of OnePlus Store app...

CVE-2023-26309

CVE-2023-26309 describes a remote code execution in the webview component of the OnePlus Store app. Affected: OnePlus Store app webview. Vulnerability type and root cause are not detailed beyond generic RCE in webview; impact is high (C/H/I/A: HIGH per NVD; CVSS v3.1 scores show 9.8 base in NVD w...

OPPO Store app security breach

The OPPO Store app is a mobile store application from OPPO Guangdong Mobile Communications OPPO, China. A security vulnerability exists in OPPO Store app version 5.11.2023, which stems from a remote code execution RCE vulnerability in the webview component...

CVE-2021-23863

HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...

Bosch Video Security 跨站脚本漏洞

Bosch Video Security is a video security system from Bosch, Germany. Used to connect to Bosch Ip cameras and encoders from around the world, experience instant video playback, full access to your recordings, forensic search of cameras with Bosch video analytics support, and smooth control of Ptz...

PT-2021-16638 · Unknown · Smart Touch Call

Name of the Vulnerable Software and Affected Versions: Smart Touch Call versions prior to 1.0.0.5 Description: The issue is related to improper access control, allowing arbitrary webpage loading in the webview component. Recommendations: For versions prior to 1.0.0.5, update to version 1.0.0.5 or...

Authorization Bypass

chromium is vulnerable to authorization bypass. An insufficient policy enforcement flaw in the WebView component allows an attacker to bypass access controls...

The vulnerability of the Microsoft Xamarin.Forms user interface platform, the WebView component for displaying web pages, and the Google Chrome browser is related to errors in the user interface’s information presentation. This allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Xamarin.Forms user interface platform, including the WebView component for displaying web pages and the Google Chrome browser, is related to errors in the user interface’s information presentation. Exploiting this vulnerability can allow a remote attacker to...

[ASA-202004-9] chromium: multiple issues

Arch Linux Security Advisory ASA-202004-9 ========================================= Severity: High Date : 2020-04-08 CVE-ID : CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432 CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436 CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440...