Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-26966

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2025/09/05 6:15 a.m.7 views

CVE-2025-41408

Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker may lead a user to access an arbitrary website on the vulnerable App. As a result, the user may become a victim of a phishing attac...

5.3CVSS0.00253EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/05 6:12 a.m.6 views

"Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly

Overview "Yahoo! Shopping" App for Android provided by LY Corporation contains the following vulnerability. Improper authorization in handler for custom URL scheme CWE-939 - CVE-2025-41408 Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5.3CVSS6.8AI score0.00253EPSS
Exploits0References4
CVE
CVE
added 2025/09/05 5:25 a.m.16 views

CVE-2025-41408

Summary: The vulnerability CVE-2025-41408 affects the LY/Yahoo! Shopping App for Android (pre-14.15.0). The issue is improper authorization in the handler for the app’s custom URL scheme (CWE-939), allowing a remote, unauthenticated attacker to redirect a user to an arbitrary website, enabling ph...

5.3CVSS6.5AI score0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/05 5:25 a.m.4 views

CVE-2025-41408

Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker may lead a user to access an arbitrary website on the vulnerable App. As a result, the user may become a victim of a phishing attac...

5.3CVSS6.5AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 5:25 a.m.9 views

CVE-2025-41408

Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker may lead a user to access an arbitrary website on the vulnerable App. As a result, the user may become a victim of a phishing attac...

5.3CVSS0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.10 views

PT-2025-36110

Name of the Vulnerable Software and Affected Versions: Yahoo! Shopping App for Android versions prior to 14.15.0 Description: Improper authorization in the handler for a custom URL scheme in the Yahoo! Shopping App for Android may allow a remote, unauthenticated attacker to redirect a user to an...

5.3CVSS4.7AI score0.00253EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/05 12:0 a.m.8 views

JVN#35290164: "Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly

"Yahoo! Shopping" App for Android provided by LY Corporation contains the following vulnerability. Improper authorization in handler for custom URL scheme CWE-939 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score...

5.3CVSS6.8AI score0.00253EPSS
Exploits0
Rows per page
Query Builder