11 matches found
CVE-2024-23727
The YI Smart Kami Vision com.kamivision.yismart application through 1.0.020231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
CVE-2024-23727
CVE-2024-23727 affects the YI Smart Kami Vision (com.kamivision.yismart) Android app via version 1.0.0_20231219. The vulnerability stems from allowing an implicit Android intent to WebViewActivity to execute arbitrary JavaScript code, enabling a remote attacker to run JS on the device with no us...
Kami Vision YI Smart 安全漏洞
Kami Vision YI Smart is a smart camera program from Kami Vision. A security vulnerability exists in Kami Vision YI Smart com.kamivision.yismart version 1.0.020231219, which originated from a vulnerability that allows remote attackers to execute arbitrary WebViewActivity component...
PT-2024-20038 · Unknown · Com.Kamivision.Yismart
Name of the Vulnerable Software and Affected Versions: com.kamivision.yismart application through 1.0.0 20231219 for Android Description: The issue allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
CVE-2024-23727
The YI Smart Kami Vision com.kamivision.yismart application through 1.0.020231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
Code injection
The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.920231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
PT-2023-30655 · Unknown · Com.Yunyi.Smartcamera
Name of the Vulnerable Software and Affected Versions: com.yunyi.smartcamera application through 4.1.9 20231127 for Android Description: The issue allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
CVE-2023-47882
The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.920231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component...
CVE-2019-16681
The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to the opening of arbitrary URLs, which can inject deceptive content into the UI. When in physical possession of the device, opening local files is also possible. NOTE: As of...
Privilege escalation
The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to the opening of arbitrary URLs, which can inject deceptive content into the UI. When in physical possession of the device, opening local files is also possible. NOTE: As of...
CVE-2019-16681
The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to the opening of arbitrary URLs, which can inject deceptive content into the UI. When in physical possession of the device, opening local files is also possible. NOTE: As of...