107 matches found
CVE-2026-21034
Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration...
CVE-2026-21020
Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21034
The CVE-2026-21034 issue affects Samsung Auto: improper export of Android components in Samsung Auto prior to version 3.1.2.61 on Android 15 and 3.2.0.38 on Android 16 allows a local attacker to change audio configurations. The connected sources confirm the affected product (Samsung Auto) and the...
EUVD-2026-34801
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations...
SAMSUNG Mobile devices 安全漏洞
Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. Versions of Samsung Mobile Devices prior to SMR Jun-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of...
SAMSUNG Auto Android 安全漏洞
Samsung Auto Android is a mobile screen mirroring and intelligent driving assistant platform developed by South Korea’s Samsung Corporation for use in vehicle scenarios. There were security vulnerabilities in versions prior to 3.1.2.61 of Samsung Auto Android 15, as well as versions prior to...
SAMSUNG SMR 安全漏洞
SAMSUNG SMR is a system patch package developed by Samsung Electronics of South Korea. It provides patches for Samsung mobile applications. Versions prior to SAMSUNG SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android applicatio...
CVE-2026-27195 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future
Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...
CVE-2026-20983
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...
SAMSUNG Dialer 安全漏洞
Samsung Dialer is a dialer application developed by South Korea’s Samsung Corporation. Versions of the Samsung Dialer prior to SMR Feb-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android application components, potentially allowing loca...
CVE-2024-34654
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege...
CVE-2025-14517
A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...
CVE-2025-58483
Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store...
GHSA-WRWG-2HG8-V723 Astro vulnerable to reflected XSS via the server islands feature
Summary After some research it appears that it is possible to obtain a reflected XSS when the server islands feature is used in the targeted application, regardless of what was intended by the component templates. Details Server islands run in their own isolated context outside of the page reques...
EUVD-2025-24042
Malicious code in bioql PyPI...
EUVD-2025-30328
Malicious code in bioql PyPI...
EUVD-2025-26237
Malicious code in bioql PyPI...
EUVD-2025-28815
Malicious code in bioql PyPI...
CVE-2025-10721
A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been...
CVE-2025-10718
A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made...