Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

47 matches found

OSV
OSVadded 2020/03/06 5:15 p.m.3 views

CVE-2020-9530

An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetAppscom.xiaomi.mipicks mishandles the functionality of opening other components. Attackers need to induce users to open specific web pages in a specific network environment. By jumping to the WebView...

6.5CVSS6.6AI score0.01477EPSS
Exploits0References2
Prion
Prionadded 2020/03/06 5:15 p.m.14 views

Design/Logic Flaw

An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetAppscom.xiaomi.mipicks mishandles the functionality of opening other components. Attackers need to induce users to open specific web pages in a specific network environment. By jumping to the WebView...

4.3CVSS6.2AI score0.01477EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/17 10:31 p.m.25 views

Security Bulletin: IBM Mobile Foundation, IBM Worklight, and IBM Worklight Foundation are affected by the following Apache Cordova vulnerabilities: CVE-2014-3500, CVE-2014-3501 and CVE-2014-3502

Summary Apache Cordova, which is used by these products, is vulnerable to Cross-Application Scripting XAS and Data Exfiltration vulnerabilities. A remote attacker might exploit these vulnerabilities to expose sensitive data from the mobile application. Vulnerability Details CVEID: CVE-2014-3500...

6.4CVSS0.9AI score0.04964EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTECadded 2015/09/08 12:0 a.m.3 views

The vulnerability of the iOS operating system allows a perpetrator to initiate arbitrary calls in FaceTime.

The vulnerability of the UIKit WebView component in the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to initiate arbitrary calls in FaceTime using a specially crafted URL...

4.3CVSS5.6AI score0.01374EPSS
Exploits0References3Affected Software1
0day.today
0day.todayadded 2014/02/08 12:0 a.m.59 views

Android Browser and WebView addJavascriptInterface Code Execution

This Metasploit module exploits a privilege escalation issue in Android versions prior 4.2's WebView component that arises when untrusted Javascript code is executed by a WebView that has one or more Interfaces added to it. The untrusted Javascript code can call into the Java Reflection APIs...

7.2AI score
Exploits0
Packet Storm
Packet Stormadded 2014/02/07 12:0 a.m.23 views

Android Browser / WebView addJavascriptInterface Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Android", :arch = ARCHARMLE, :javascript = true, :rank = ExcellentRanking, :vulntest = %Q| for i in top try...

1AI score
Exploits0
Vulnrichment
Vulnrichmentadded 1976/01/01 12:0 a.m.22 views

CVE-2024-31974

The com.solarized.firedown aka Solarized FireDown Browser & Downloader application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately...

7.6AI score0.00642EPSS
Exploits0References1
Rows per page
Query Builder