32 matches found
EUVD-2021-12423
Malware in sbrugna...
EUVD-2023-25653
Malicious code in bioql PyPI...
EUVD-2025-16830
Malicious code in bioql PyPI...
EUVD-2025-2218
Malicious code in bioql PyPI...
CVE-2025-8512
CVE-2025-8512 affects TVB Big Big Shop App v2.9.0 on Android. The issue stems from improper handling of the AndroidManifest.xml in the component hk.com.tvb.bigbigshop, causing improper export of Android application components. Local-access exploitation is required; the exploit has been publicly d...
CVE-2025-8512 TVB Big Big Shop App hk.com.tvb.bigbigshop AndroidManifest.xml improper export of android application components
A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application...
CVE-2025-8275 bsc Peru Cocktails App bsc.devy.peru_cocktails AndroidManifest.xml improper export of android application components
A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component bsc.devy.perucocktails. The manipulation leads to improper export of android...
CVE-2025-8257
A vulnerability classified as problematic was found in Lobby Universe Lobby App up to 2.8.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.maverick.lobby. The manipulation leads to improper export of android application...
CVE-2025-20991
CVE-2025-20991 affects Android Bluetooth components, where improper export of Android application components enables local attackers to make devices discoverable. The issue is tied to Samsung/Android deployments prior to SMR Jun-2025 Release 1. Root cause: improper component export in Bluetooth h...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
CVE-2025-20975
Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...
CVE-2025-20956
CVE-2025-20956 corresponds to a vulnerability in Galaxy Watch Settings where improper export of Android application components enables physical attackers to access developer settings. The PT Security entry specifies Galaxy Watch versions prior to SMR May-2025 Release 1 as affected and recommends ...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
PT-2025-20060 · Unknown · Aodservice
Name of the Vulnerable Software and Affected Versions: AODService versions prior to 8.8.28.12 Description: The issue concerns the improper export of Android application components in AODService, allowing local attackers to launch arbitrary activity with systemui privilege. This enables attackers ...
CVE-2025-20926
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...
CVE-2025-20926
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...