66 matches found
EUVD-2019-8348
Malware in sbrugna...
EUVD-2023-1450
Malicious code in bioql PyPI...
EUVD-2025-19242
Malicious code in bioql PyPI...
CVE-2025-6731
A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...
CVE-2025-6731
A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...
CVE-2025-6731 yzcheng90 X-SpringBoot APK File apk uploadApk path traversal
A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...
CVE-2025-6731 yzcheng90 X-SpringBoot APK File apk uploadApk path traversal
A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...
CVE-2025-6731
CVE-2025-6731 affects yzcheng90 X-SpringBoot up to version 5.0. The vulnerability resides in the function uploadApk within /sys/oss/upload/apk of the APK File Handler, where manipulation of the File argument enables path traversal. It can be exploited remotely, and the proof-of-concept/public exp...
PT-2025-27014 · Yzcheng90 · X-Springboot
Name of the Vulnerable Software and Affected Versions: yzcheng90 X-SpringBoot versions up to 5.0 Description: A critical issue was found in the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The...
CVE-2024-48541
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48538
Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48544
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3.0.3 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48545
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48540
Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48547
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8.7 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2022-28878
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine...
CVE-2024-48547
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8.7 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...
CVE-2024-48545
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2024-48546
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file...