CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

404 matches found

RedhatCVE•added 2026/01/09 10:9 a.m.•9 views

CVE-2019-11554

The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service...

5.9CVSS6.8AI score0.00464EPSS

Exploits0References1

Vulnrichment•added 2025/12/15 6:38 a.m.•3 views

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

3.4CVSS6.3AI score0.00148EPSS

Exploits0References1

SUSE CVE•added 2025/12/05 2:25 p.m.•2 views

SUSE CVE-2025-66270

The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49...

4.7CVSS7AI score0.00176EPSS

Exploits0References3

EUVD•added 2025/12/05 12:0 a.m.•5 views

EUVD-2025-201337

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 5...

4.7CVSS6.4AI score0.0013EPSS

Exploits0References3

Japan Vulnerability Notes•added 2025/11/25 5:15 a.m.•5 views

"FOD" App uses hard-coded cryptographic keys

Overview "FOD" App provided by Fuji Television Network, Inc. uses hard-coded cryptographic keys Use of hard-coded cryptographic key CWE-321 - CVE-2025-64304 The keys are used in the processing of JWT data. Impact The cryptographic keys may be retrieved. The developer considers that the impact is...

5.1CVSS4.7AI score0.0011EPSS

Exploits0References4

EUVD•added 2025/11/14 2:29 a.m.•3 views

EUVD-2025-180544

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.9AI score0.00163EPSS

Exploits0References3

EUVD•added 2025/11/10 9:30 p.m.•3 views

EUVD-2025-50784

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.5AI score0.00158EPSS

Exploits0References3

EUVD•added 2025/11/10 9:30 p.m.•3 views

EUVD-2025-50786

4.2CVSS5.5AI score0.00178EPSS

Exploits0References3

Positive Technologies•added 2025/10/30 12:0 a.m.•6 views

PT-2025-44419

Name of the Vulnerable Software and Affected Versions TalkTalk version 3.3.6 Description The TalkTalk 3.3.6 Android App has improper access control issues in several API endpoints. Modifying request parameters can allow attackers to get sensitive user information, like device identifiers and...

7.5CVSS6.3AI score0.0027EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-26001

Malware in sbrugna...

9.8CVSS9.2AI score0.00453EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2016-7462

Malware in sbrugna...

8.8CVSS6.5AI score0.01093EPSS

Exploits0References5