15 matches found
EUVD-2025-6696
Malicious code in bioql PyPI...
EUVD-2022-50872
Malicious code in bioql PyPI...
PT-2025-31862 · Boquan · Boquan Dotwallet App
Name of the Vulnerable Software and Affected Versions: Boquan DotWallet App version 2.15.2 Description: A vulnerability exists in the Boquan DotWallet App that is due to improper export of android application components within the AndroidManifest.xml file of the com.boquanhash.dotwallet component...
CVE-2025-8512 TVB Big Big Shop App hk.com.tvb.bigbigshop AndroidManifest.xml improper export of android application components
A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application...
CVE-2025-8210
A vulnerability was found in Yeelink Yeelight App up to 3.5.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component com.yeelight.cherry. The manipulation leads to improper export of android application components...
CVE-2024-34654
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege...
CVE-2024-34654
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege...
Argo CD Cross-Site Scripting Vulnerability
Argo CD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g., configuration in a Git repository, automatically synchronizing and deploying...
CVE-2023-49344
Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present...
CVE-2023-49342
Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...
PT-2023-13991 · Tibco Software · Tibco Product/Service Catalog +1
Name of the Vulnerable Software and Affected Versions: TIBCO EBX versions 5.9.21 and below TIBCO EBX versions 6.0.11 and below TIBCO Product and Service Catalog powered by TIBCO EBX versions 1.2.0 and below Description: The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO...
CVE-2019-5326
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component...
Samsung A5 Access Control Error Vulnerability
The Samsung A5 is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in the Samsung A5. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploit...
[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-011 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date:...
Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities
The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by several issues : - A SQL injection vulnerability that could allow a user to run arbitrary code CVE-2008-2286. - A remote attacker may be able to obtain encrypted Altiris Deployment Solution domai...