CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2026/02/10 2:33 p.m.•6 views

cap-go/capacitor-native-biometric Authentication Bypass

There is a potential issue with the cap-go/capacitor-native-biometric library. --- Summary The cap-go/capacitor-native-biometric library was found to be subject to an authentication bypass as the current implementation of the onAuthenticationSucceeded does not appear to handle a...

5.8AI score

Exploits0References3Affected Software1

RedhatCVE•added 2026/01/09 10:9 a.m.•5 views

CVE-2019-11932

A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of servi...

8.8CVSS8AI score0.70962EPSS

Exploits16References1

EUVD-2014-5415

Malware in sbrugna...

EUVD-2014-5412

Malware in sbrugna...

5.8CVSS6.4AI score0.00134EPSS

EUVD-2012-5693

Malware in sbrugna...

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-4800

Malware in sbrugna...

EUVD-2014-6523

Malware in sbrugna...

EUVD-2014-5858

Malware in sbrugna...

OSV•added 2025/09/04 6:15 p.m.•0 views

CVE-2025-22425

In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

5.1CVSS5.9AI score

Exploits0References3

RedhatCVE•added 2025/05/23 7:15 a.m.•5 views

CVE-2024-25466

Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...

7.8CVSS7.3AI score0.01042EPSS

OSSF Malicious Packages•added 2025/02/19 7:28 a.m.•2 views

Malicious code in react-native-android-library-simpl-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4460dc946645a2b0bcd6489a7ae7a24c7c2803c369d27f2efa3de46ab7735558 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References3

OSV•added 2025/01/28 5:15 p.m.•1 views

CVE-2018-9378

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2CVSS5.9AI score

OSV•added 2025/01/21 11:15 p.m.•0 views

CVE-2024-49732

In multiple functions of CompanionDeviceManagerService.java, there is a possible way to grant permissions without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score

OSV•added 2025/01/03 1:15 a.m.•0 views

CVE-2024-43764

In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00007EPSS

Exploits0References2

OSV•added 2024/12/12 2:4 a.m.•0 views

CVE-2024-49057

Microsoft Defender for Endpoint on Android Spoofing Vulnerability...

8.1CVSS5.8AI score0.0297EPSS

OSV•added 2024/12/02 9:15 p.m.•3 views

CVE-2018-9414

In gattServerSendResponseNative of comandroidbluetoothgatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00054EPSS