EUVD-2022-29678

Malicious code in bioql PyPI...

EUVD-2023-46377

Malicious code in bioql PyPI...

CVE-2024-44081

In Jitsi Meet before 2.0.9779, the functionality to share a video file was implemented in an insecure way, resulting in clients loading videos from an arbitrary URL if a message from another participant contains a URL encoded in the expected format...

CVE-2023-41898

Home assistant is an open source home automation. The Home Assistant Companion for Android app up to version 2023.8.2 is vulnerable to arbitrary URL loading in a WebView. This enables all sorts of attacks, including arbitrary JavaScript execution, limited native code execution, and credential...

CVE-2024-44081

In Jitsi Meet before 2.0.9779, the functionality to share a video file was implemented in an insecure way, resulting in clients loading videos from an arbitrary URL if a message from another participant contains a URL encoded in the expected format...

CVE-2023-41898

CVE-2023-41898 affects the Home Assistant Companion for Android (up to version 2023.8.2). The vulnerability is arbitrary URL loading in a WebView, enabling arbitrary JavaScript execution, limited native code execution, and credential theft. It has been patched in version 2023.9.2; all users shoul...

PT-2023-28154 · Home Assistant · Home Assistant Companion For Android

Name of the Vulnerable Software and Affected Versions: Home Assistant Companion for Android app versions 2023.8.2 and earlier Description: The Home Assistant Companion for Android app is vulnerable to arbitrary URL loading in a WebView, enabling attacks such as arbitrary JavaScript execution,...

CVE-2017-17226

The TripAdvisor app with the versions before TAMobileApp-24.6.4 pre-installed in some Huawei mobile phones have an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specif...

Input validation

The TripAdvisor app with the versions before TAMobileApp-24.6.4 pre-installed in some Huawei mobile phones have an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specif...

CVE-2017-17226

The TripAdvisor app with the versions before TAMobileApp-24.6.4 pre-installed in some Huawei mobile phones have an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specif...

Security Advisory - Arbitrary URL Loading Vulnerability in TripAdvisor

The TripAdvisor app pre-installed in some Huawei mobile phones have an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specific URL and execute malicious code contained ...