Lucene search
K

32 matches found

CVE
CVE
added 2024/09/04 5:32 a.m.54 views

CVE-2024-34641

CVE-2024-34641 relates to Samsung Android devices where the FeliCaTest component improperly exports an Android application component. This allows local attackers to enable NFC configuration. Affected software is FeliCaTest prior to the SMR Sep-2024 Release 1. The issue's root cause is improper co...

5.1CVSS6.8AI score0.00137EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.14 views

CVE-2024-34641

Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration...

5.1CVSS6.5AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2024/05/07 5:15 a.m.27 views

CVE-2024-20860

Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission...

4CVSS4.1AI score0.00144EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/07 4:28 a.m.17 views

CVE-2024-20860

Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission...

4CVSS6.8AI score0.00144EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/07 9:0 a.m.12 views

CVE-2021-4438 kyivstarteam react-native-sms-user-consent SmsUserConsentModule.kt registerReceiver improper export of android application components

A vulnerability, which was classified as critical, has been found in kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android. Affected by this issue is the function registerReceiver of the file android/src/main/java/ua/kyivstar/reactnativesmsuserconsent/SmsUserConsentModule.kt. The...

5.3CVSS7.2AI score0.0026EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/03/18 3:18 a.m.23 views

CVE-2024-28745

Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is exploited, an arbitrary website may be displaye...

6.7AI score0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/12 1:36 a.m.38 views

CVE-2023-6542 Improper Export of Android Application Components in SAP EMARSYS SDK ANDROID

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL...

7.1CVSS7.1AI score0.00222EPSS
Exploits1References2
NVD
NVD
added 2023/09/06 4:15 a.m.34 views

CVE-2023-30718

Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting...

4CVSS4.1AI score0.00137EPSS
Exploits0References1
CVE
CVE
added 2023/05/04 12:0 a.m.51 views

CVE-2023-21486

CVE-2023-21486 concerns an improper export of Android components in ImagePreviewActivity within Samsung Call Settings, enabling a physical attacker to access certain media data in sandbox. The issue is tied to specific Samsung SMR May-2023 Release 1 updates; remediation is provided via the May-20...

5.3CVSS4.5AI score0.0025EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.31 views

CVE-2023-21485

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...

5.3CVSS5.3AI score0.0025EPSS
Exploits0References1
Prion
Prion
added 2021/12/08 3:15 p.m.12 views

Authentication flaw

Improper export of Android application components vulnerability in Samsung Pay India only prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication...

2.1CVSS4.1AI score0.00219EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2020/09/22 12:0 a.m.66 views

Framer Preview 12 Content Injection Vulnerability

Framer Preview version 12 for Android exposes an activity to other apps called "com.framer.viewer.FramerViewActivity". The purpose of this activity is to show contents of a given URL via an fullscreen overlay to the app user. However, the app does neither enforce any authorization schema on the...

5.5CVSS5.5AI score0.00453EPSS
Exploits3
Rows per page
Query Builder