27 matches found
CVE-2026-46459
ICU Scandinavia Boomerang is affected by a missing authentication vulnerability in its device receiver endpoints. An unauthenticated remote attacker can read full facility configurations and write unauthorized data to the sensor database. The issue is mitigated by upgrading to version 2.4.18.029....
CVE-2026-46458
CVE-2026-46458 affects ICU Scandinavia Boomerang. An information-disclosure flaw allows an unauthenticated attacker to retrieve plaintext credentials by requesting specific XML files from the webroot over static HTTP. The root cause is exposure of sensitive credential files via static HTTP paths....
EUVD-2023-40564
Malicious code in bioql PyPI...
EUVD-2023-40565
Malicious code in bioql PyPI...
Malicious code in platform-boomerang-components (npm)
The package platform-boomerang-components was found to contain malicious code...
MAL-2025-29376 Malicious code in platform-boomerang-components (npm)
The package platform-boomerang-components was found to contain malicious code...
CVE-2023-36621
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...
CVE-2023-36620
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...
CVE-2023-36620
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...
CVE-2023-36620
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...
CVE-2023-36621
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...
CVE-2023-36621
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...
Design/Logic Flaw
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...
CVE-2023-36621
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing...
Boomerang Parental Control Security Vulnerability
Boomerang Parental Control is an application from Boomerang for parents to restrain their children from using electronic devices. A security vulnerability exists in the Boomerang Parental Control application prior to version 13.83 Android, which stems from the ability to use Safe Mode to...
CVE-2023-36621
CVE-2023-36621 affects Boomerang Parental Control App (Android) up to version 13.83. Multiple connected sources describe a stored XSS and privilege escalation vulnerability in versions prior to 13.83, with at least one issue fixed in 13.83 or later. SEC Consult and PacketStorm indicate the vulner...
CVE-2023-36620
CVE-2023-36620 affects the Boomerang Parental Control Android app prior to version 13.83. The root cause is the manifest lacking android:allowBackup="false", enabling local backups of the app’s internal memory to a PC. This backup exposure grants access to the API token used for authenticating AP...
CVE-2023-36620
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...
Boomerang Parental Control Security Vulnerability
Boomerang Parental Control is an application from Boomerang that is used by parents to regulate their children's use of electronic devices. A security vulnerability exists in the Boomerang Parental Control application prior to version 13.83 Android, which stems from the application's lack of the...
CVE-2023-36620
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is...