221 matches found
CVE-2026-58460
react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...
CVE-2026-58460
CVE-2026-58460 affects the React Native package react-native-receive-sharing-intent. A path traversal vulnerability allows a co-resident malicious app to write files outside the intended cache directory by supplying a crafted _display_name with dot-dot path components via a malicious ContentProvi...
EUVD-2026-41437
react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...
CVE-2026-58460 react-native-receive-sharing-intent Path Traversal via _display_name
react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...
CVE-2026-58460
react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...
PT-2026-55309
Name of the Vulnerable Software and Affected Versions react-native-receive-sharing-intent affected versions not specified Description A path traversal issue exists where a co-resident malicious application can write files outside the intended cache directory. This occurs when a crafted display na...
chatpdf.pro
Dirty Stream Vulnerability in chatpdf.pro App Name: PDF...
CVE-2026-35394
Mobile Next is an MCP server for mobile development and automation. Prior to 0.0.50, the mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls...
GHSA-5QHV-X9J4-C3VM @mobilenext/mobile-mcp: Arbitrary Android Intent Execution via mobile_open_url
Summary The mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls, SMS messages, and content provider access. Details The vulnerable code pass...
CVE-2026-3671
A flaw has been found in Freedom Factory dGEN1 up to 20260221. Affected by this vulnerability is the function TokenBalanceContentProvider of the component org.ethereumphone.walletmanager.testing123. Executing a manipulation can lead to improper authorization. The attack requires local access. The...
CVE-2026-3671
The CVE-2026-3671 entry concerns Freedom Factory dGEN1 (up to 20260221) with a flaw in the TokenBalanceContentProvider function of org.ethereumphone.walletmanager.testing123. The underlying issue permits local manipulation that leads to improper authorization, affecting confidentiality (PARTIAL) ...
CVE-2025-48636
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48619
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48636
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48619
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48619
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48636
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48636
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2025-208215
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48619
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...