81 matches found
CVE-2025-7891 InstantBits Web Video Cast App com.instantbits.cast.webvideo AndroidManifest.xml improper export of android application components
A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of...
CVE-2025-7891
InstantBits Web Video Cast App for Android (versions up to 5.12.4) contains a vulnerability in the AndroidManifest.xml file of the com.instantbits.cast.webvideo component that improperly exports application components. The issue is locally exploitable and has a publicly disclosed exploit. Multipl...
CVE-2025-20991
CVE-2025-20991 affects Android Bluetooth components, where improper export of Android application components enables local attackers to make devices discoverable. The issue is tied to Samsung/Android deployments prior to SMR Jun-2025 Release 1. Root cause: improper component export in Bluetooth h...
CVE-2018-16498
In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores...
CVE-2025-47290
containerd is a container runtime. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0...
CVE-2025-20956
Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
CVE-2025-20975
Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...
CVE-2025-20956
CVE-2025-20956 corresponds to a vulnerability in Galaxy Watch Settings where improper export of Android application components enables physical attackers to access developer settings. The PT Security entry specifies Galaxy Watch versions prior to SMR May-2025 Release 1 as affected and recommends ...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
PT-2025-20060 · Unknown · Aodservice
Name of the Vulnerable Software and Affected Versions: AODService versions prior to 8.8.28.12 Description: The issue concerns the improper export of Android application components in AODService, allowing local attackers to launch arbitrary activity with systemui privilege. This enables attackers ...
CVE-2025-20926
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...
CVE-2025-20926
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2024-7612
Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2025-20906
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB...
CVE-2024-34641
CVE-2024-34641 relates to Samsung Android devices where the FeliCaTest component improperly exports an Android application component. This allows local attackers to enable NFC configuration. Affected software is FeliCaTest prior to the SMR Sep-2024 Release 1. The issue's root cause is improper co...
CVE-2024-34641
Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration...