EUVD-2023-40564

Malicious code in bioql PyPI...

EUVD-2023-40565

Malicious code in bioql PyPI...

MAL-2025-29376 Malicious code in platform-boomerang-components (npm)

The package platform-boomerang-components was found to contain malicious code...

Malicious code in platform-boomerang-components (npm)

The package platform-boomerang-components was found to contain malicious code...

CVE-2023-36621

An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...

CVE-2023-36620

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

CVE-2023-36621

An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...

CVE-2023-36621

An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...

CVE-2023-36620

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

CVE-2023-36620

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

Design/Logic Flaw

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

Boomerang Parental Control Security Vulnerability

Boomerang Parental Control is an application from Boomerang that is used by parents to regulate their children's use of electronic devices. A security vulnerability exists in the Boomerang Parental Control application prior to version 13.83 Android, which stems from the application's lack of the...

CVE-2023-36621

CVE-2023-36621 affects Boomerang Parental Control App (Android) up to version 13.83. Multiple connected sources describe a stored XSS and privilege escalation vulnerability in versions prior to 13.83, with at least one issue fixed in 13.83 or later. SEC Consult and PacketStorm indicate the vulner...

Boomerang Parental Control Security Vulnerability

Boomerang Parental Control is an application from Boomerang for parents to restrain their children from using electronic devices. A security vulnerability exists in the Boomerang Parental Control application prior to version 13.83 Android, which stems from the ability to use Safe Mode to...

CVE-2023-36620

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

CVE-2023-36620

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...

CVE-2023-36621

An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...

CVE-2023-36620

CVE-2023-36620 affects the Boomerang Parental Control Android app prior to version 13.83. The root cause is the manifest lacking android:allowBackup="false", enabling local backups of the app’s internal memory to a PC. This backup exposure grants access to the API token used for authenticating AP...

Boomerang Parental Control App Cross Site Scripting / Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored XSS & Privilege Escalation product: Boomerang Parental Control App vulnerable version: =13.83 only issue 1, rest not fixed CVE number: CVE-2023-36620, CVE-2023-366...

musicboomerang.com Cross Site Scripting vulnerability OBB-2847922

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...