22 matches found
PT-2026-47053
Name of the Vulnerable Software and Affected Versions Markdown Preview Enhanced versions 0.8.x Description A code injection issue exists in the WaveDrom rendering pipeline. Attackers can execute arbitrary JavaScript by embedding malicious content in a wavedrom fenced code block within a crafted...
CVE-2026-11167
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-44698
Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and 2026.4.4 for Android, he Home Assistant Companion apps for Android and iOS expose a JavaScript bridge to the in-app WebView window.externalApp on Android and...
EUVD-2012-3957
Malware in sbrugna...
EUVD-2020-27587
Malware in sbrugna...
EUVD-2021-12359
Malware in sbrugna...
EUVD-2012-3961
Malware in sbrugna...
EUVD-2012-1269
Malware in sbrugna...
EUVD-2023-33028
Malicious code in bioql PyPI...
CVE-2019-8345
The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL...
PT-2023-28360 · Imou Life · Imou Life
Name of the Vulnerable Software and Affected Versions: Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android Description: The issue allows Remote Code Execution via a crafted intent to an exported component, specifically relating to the com.mm.android.easy4ip.MainActivity...
Zomato: [Zomato Android/iOS] Theft of user session
Hi, I'd like to report a bug which allows to theft user data even without installing third-party apps. Activity xml is exported, and can be accessed by browser. When any WebView in a client app, or a browser meets a zomato://etc URL it will automatically launch Zomato app. File...
Music game: Dance with animals - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Music game: Dance with animals published at the 'play' market has multiple vulnerabilities...
Colors - Games free for kids - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Colors - Games free for kids published at the 'play' market has multiple vulnerabilities...
Online Soccer Manager (OSM) - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Online Soccer Manager OSM published at the 'play' market has multiple vulnerabilities...
Immortal DreamX - Customized SSL, Runtime privilege escalation, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Immortal DreamX published at the 'play' market has multiple vulnerabilities...
Fancy Nail Shop - WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Fancy Nail Shop published at the 'play' market has multiple vulnerabilities...
Splitter: Multiplayer - MIT license, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Splitter: Multiplayer published at the 'play' market has multiple vulnerabilities...
Map of Germany - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Map of Germany published at the 'play' market has multiple vulnerabilities...
Free Z Glass GO Keyboard Theme - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Free Z Glass GO Keyboard Theme published at the 'play' market has multiple vulnerabilities...