EUVD-2025-24940

Malicious code in bioql PyPI...

CVE-2025-50862

CVE-2025-50862 affects the Lotus Cars Android app (com.lotus.carsdomestic.intl) v1.2.8. The underlying issue is allowBackup=true in the app manifest, which enables data exfiltration via ADB backup on rooted or debug-enabled devices. Impact per sources indicates potential user data exposure due to...

CVE-2025-50862

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure...

CVE-2023-36620

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

CVE-2023-46918

Phlox com.phlox.simpleserver.plus aka Simple HTTP Server PLUS 1.8.1-plus has an Android manifest file that contains an entry with the android:allowBackup attribute set to true. This could be leveraged by an attacker with physical access to the device...

CVE-2021-43388

Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag in the manifest is False...