EUVD-2025-26243

Malicious code in bioql PyPI...

EUVD-2025-23542

Malicious code in bioql PyPI...

EUVD-2025-28876

Malicious code in bioql PyPI...

EUVD-2024-16041

Malicious code in bioql PyPI...

CVE-2025-10716

A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...

CVE-2025-10717

The CVE-2025-10717 entry concerns intsig CamScanner App v6.91.1.5.250711 on Android. The vulnerability stems from improper export of Android components in the AndroidManifest.xml of the com.intsig.camscanner component, enabling a local attack. The exploit has been publicly disclosed, and exploita...

PT-2025-38539

Name of the Vulnerable Software and Affected Versions Creality Cloud App versions up to 6.1.0 Description A flaw has been found in Creality Cloud App for Android. The vulnerability is due to improper export of android application components within the AndroidManifest.xml file of the...

INTSIG CamScanner App 安全漏洞

INTSIG CamScanner App Scanning Almighty is a mobile document scanning and management application from China's Hehe Information INTSIG. A security vulnerability exists in INTSIG CamScanner App version 6.91.1.5.250711, which originates from an improperly exported AndroidManifest.xml file, and could...

CVE-2025-10195 Seismic App com.seismic.doccenter AndroidManifest.xml improper export of android application components

A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit...

CVE-2025-48560

In AndroidManifest.xml, there is a possible way for an app to monitor motion events due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-9695 GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components

A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. T...

CVE-2025-9676 NCSOFT Universe App com.ncsoft.universeapp AndroidManifest.xml improper export of android application components

A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Impacted is an unknown function of the file AndroidManifest.xml of the component com.ncsoft.universeapp. The manipulation leads to improper export of android application components. Local access is required to approach this attack...

CVE-2025-9674

CVE-2025-9674 affects Transbyte Scooper News App (versions up to 1.2) on Android. The vulnerability stems from manipulation of AndroidManifest.xml within the com.hatsune.eagleee component causing improper export of Android components. Attack requires local access and the exploit has been publishe...

CVE-2025-9673

A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.kakao.i.connect. The manipulation results in improper export of android application components. The...

NCSOFT Universe App 安全漏洞

NCSOFT Universe App is a mobile game by South Korean company NCSOFT. A security vulnerability exists in NCSOFT Universe App version 1.3.0 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...

CVE-2025-9135

A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1258 on Android. The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components...

AfterShip Package Tracker App 安全漏洞

AfterShip Package Tracker App is a courier tracking app by AfterShip Singapore. A security vulnerability exists in AfterShip Package Tracker App version 5.24.1 and earlier, which stems from an improperly exported AndroidManifest.xml component and could lead to a local attack...

PT-2025-32339 · Unknown · Com.Huuge.Game.Zjbox +1

Name of the Vulnerable Software and Affected Versions: Huuge Box version 1.0.3 Description: A vulnerability exists in the Huuge Box App for Android. The issue involves the improper export of Android application components due to manipulation of an unknown part of the AndroidManifest.xml file with...

CVE-2025-8513

A vulnerability, which was classified as problematic, was found in Caixin News App 8.0.1 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.caixin.news. The manipulation leads to improper export of android application components. Local access is...

CVE-2025-8523

CVE-2025-8523 affects RiderLike Fruit Crush-Brain App 1.0 on Android, with improper export of AndroidManifest.xml in the com.fruitcrush.fun component. This allows launching an attack on the local host and exploitation has been publicly disclosed. Vendor has not responded to disclosure. Connected ...