MAL-2023-7924 Malicious code in @webview/react-skeletor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 756497fc47f785eae2c52c2c51d75ea29cbe95f6208c9d4c8b4ad576408efb7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

"Skylark" App fails to restrict custom URL schemes properly

Overview "Skylark" App provided by SKYLARK HOLDINGS CO., LTD. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939, CVE-2023-40530, CVE-2024-54014 which may be exploited to direct the App to access any sites...

CVE-2023-26311

A remote code execution vulnerability in the webview component of OPPO Store app...

CVE-2023-26311

A remote code execution vulnerability in the webview component of OPPO Store app...

Remote code execution

A remote code execution vulnerability in the webview component of OPPO Store app...

CVE-2023-26311 A remote code execution vulnerability in the webview component of OPPO Store app.

A remote code execution vulnerability in the webview component of OPPO Store app...

CVE-2023-26311 A remote code execution vulnerability in the webview component of OPPO Store app.

A remote code execution vulnerability in the webview component of OPPO Store app...

CVE-2023-26311

Technical details about CVE-2023-26311 are not publicly available in the provided documents. Monitor for updates from vendors or advisories to obtain affected versions, remediation, and exploit information.

CVE-2023-26309

A remote code execution vulnerability in the webview component of OnePlus Store app...

CVE-2023-26309

A remote code execution vulnerability in the webview component of OnePlus Store app...

Remote code execution

A remote code execution vulnerability in the webview component of OnePlus Store app...

CVE-2023-26309 A remote code execution vulnerability in the webview component

A remote code execution vulnerability in the webview component of OnePlus Store app...

CVE-2023-26309 A remote code execution vulnerability in the webview component

A remote code execution vulnerability in the webview component of OnePlus Store app...

CVE-2023-26309

CVE-2023-26309 describes a remote code execution in the webview component of the OnePlus Store app. Affected: OnePlus Store app webview. Vulnerability type and root cause are not detailed beyond generic RCE in webview; impact is high (C/H/I/A: HIGH per NVD; CVSS v3.1 scores show 9.8 base in NVD w...

OPPO Store app security breach

The OPPO Store app is a mobile store application from OPPO Guangdong Mobile Communications OPPO, China. A security vulnerability exists in OPPO Store app version 5.11.2023, which stems from a remote code execution RCE vulnerability in the webview component...

OPPO OnePlus Mall Security Breach

OPPO OnePlus Mall is a mobile application from OPPO Guangdong Mobile Communications OPPO, China. A security vulnerability exists in OPPO OnePlus Mall version 3.0.2023, which stems from a remote code execution RCE vulnerability in the webview component...

CVE-2023-26316

A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...

CVE-2023-26316

A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...

CVE-2023-26316

A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...

Cross site scripting

A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...