Lucene search
K

240 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:39 p.m.10 views

CVE-2021-36214

LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView...

6.1CVSS6.3AI score0.00724EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:41 a.m.11 views

CVE-2012-4009

The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL...

6.8CVSS7.4AI score0.01999EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/25 3:14 a.m.7 views

CVE-2024-1609 OPPO Store APP has a WebView component privilege escalation vulnerability.

In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation...

8.7CVSS7AI score0.00466EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 3:36 p.m.27 views

CVE-2024-31974

The com.solarized.firedown aka Solarized FireDown Browser & Downloader application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately...

7.2AI score0.00642EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/01 12:0 a.m.3 views

PT-2024-22635 · Yahoo · Yahoo! Japan App For Android +1

Name of the Vulnerable Software and Affected Versions: Yahoo! JAPAN App for Android versions 2.3.1 through 3.161.1 Yahoo! JAPAN App for iOS versions 3.2.2 through 4.109.0 Description: The issue is related to a cross-site scripting vulnerability. If exploited, an arbitrary script may be executed o...

6.1CVSS6.2AI score0.00314EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.9 views

PT-2023-28154 · Home Assistant · Home Assistant Companion For Android

Name of the Vulnerable Software and Affected Versions: Home Assistant Companion for Android app versions 2023.8.2 and earlier Description: The Home Assistant Companion for Android app is vulnerable to arbitrary URL loading in a WebView, enabling attacks such as arbitrary JavaScript execution,...

8.6CVSS7.4AI score0.00164EPSS
Exploits0References6
NVD
NVD
added 2023/09/11 10:15 a.m.24 views

CVE-2023-3612

Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...

8.8CVSS8.3AI score0.00448EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/09/11 8:15 a.m.4 views

CVE-2023-42471

The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...

9.8CVSS7.6AI score0.01419EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/09/11 12:0 a.m.4 views

Govee Home Security Breach

Govee Home is a software application. Govee Home contains a security vulnerability that stems from the fact that the WebView component can be opened by any application on the device, and by sending the URL to a specially crafted website, an attacker can execute JavaScript in the WebView context o...

8.8CVSS6.8AI score0.00448EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/11 12:0 a.m.4 views

PT-2023-25434 · Govee · Govee Home

Name of the Vulnerable Software and Affected Versions: Govee Home app affected versions not specified Description: The Govee Home app has unprotected access to the WebView component, which can be opened by any app on the device. By sending a URL to a specially crafted site, an attacker can execut...

8.8CVSS8.6AI score0.00448EPSS
Exploits0References5
Prion
Prion
added 2023/08/10 9:15 a.m.8 views

Remote code execution

A remote code execution vulnerability in the webview component of OnePlus Store app...

7.5CVSS9.7AI score0.00638EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/08/10 12:0 a.m.4 views

OPPO OnePlus Mall Security Breach

OPPO OnePlus Mall is a mobile application from OPPO Guangdong Mobile Communications OPPO, China. A security vulnerability exists in OPPO OnePlus Mall version 3.0.2023, which stems from a remote code execution RCE vulnerability in the webview component...

9.8CVSS8AI score0.00638EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.4 views

SUSE CVE-2021-37990

Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app...

5.5CVSS6.5AI score0.00588EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.7 views

The vulnerability of the categoryId parameter in the WWebView component of the MCE Systems mobile device lifecycle management system allows attackers to enhance their privileges.

The vulnerability of the categoryId parameter in the WWebView component of the MCE Systems lifecycle management system is related to errors in link processing before accessing a file, as well as deserialization of the PendingDynamicLinkData structure from the Intent Extra array with the key...

8.6CVSS5.9AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/05/30 12:0 a.m.5 views

PT-2022-19245 · Bytedance +1 · Tiktok +1

Name of the Vulnerable Software and Affected Versions: TikTok application before 23.7.3 for Android Description: The issue allows account takeover through a crafted URL that can force the com.zhiliaoapp.musically WebView to load an arbitrary website, potentially leveraging an attached JavaScript...

8.8CVSS8.5AI score0.1553EPSS
Exploits0References11
OSV
OSV
added 2021/08/05 8:15 p.m.4 views

CVE-2021-25448

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

5.3CVSS6.2AI score0.00814EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/08 12:0 a.m.4 views

SAMSUNG Members 安全漏洞

Samsung Members is a community platform app from Samsung South Korea. An access control error vulnerability exists in Samsung Members. The vulnerability allows untrusted applications to cause local file inclusion in a webview. No detailed vulnerability details are provided at this time...

7.8CVSS5.5AI score0.01707EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.4 views

The vulnerability of the WebView component in Google Chrome web browsers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the WebView component in Google Chrome browsers relates to the lack of protection for transmitted data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

7.8CVSS6.9AI score0.04175EPSS
Exploits0References8Affected Software6
CNVD
CNVD
added 2021/01/20 12:0 a.m.7 views

Google Chrome WebView Policy Enforcement Deficiency Vulnerability

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A WebView Policy Enforcement Insufficiency vulnerability exists in versions of Google Chrome prior to 88.0.4324.96. An attacker can exploit this vulnerability to le...

6.5CVSS5.8AI score0.04175EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/16 12:0 a.m.3 views

WebView Vulnerability in X Browser

X Browser is a mobile browser for the Android platform. X Browser has a WebView vulnerability that can be exploited by an attacker to execute JS code across domains and take full control of a user's browser...

7.5AI score
Exploits0
Rows per page
Query Builder