EUVD-2023-55941

Malicious code in bioql PyPI...

CVE-2024-34405

Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app...

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

CVE-2024-34405

Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app...

McAfee Security Antivirus VPN for Android Security Vulnerability

McAfee Security Antivirus VPN for Android is a cybersecurity software from McAfee USA. A security vulnerability exists in McAfee Security Antivirus VPN for Android prior to version 8.3.0, which stems from improper deep link validation and allows an attacker to launch arbitrary URLs within the...

CVE-2024-34405

Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app...

CVE-2024-34405

The CVE-2024-34405 entry concerns McAfee Security: Antivirus VPN for Android prior to version 8.3.0. The issue is described as improper deep link validation, which could allow an attacker to launch an arbitrary URL from within the app. The RedHat/CNNVD/CVE ecosystem sources corroborate the genera...

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

CVE-2023-51219

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...

PT-2024-14074 · Kakao · Kakaotalk

Name of the Vulnerable Software and Affected Versions: KakaoTalk version 10.4.3 Description: A deep link validation issue allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leak...

PT-2024-4663 · Mcafee · Mcafee Security: Antivirus Vpn For Android

Name of the Vulnerable Software and Affected Versions: McAfee Security: Antivirus VPN for Android versions prior to 8.3.0 Description: The issue is related to improper deep link validation, which could allow an attacker to launch an arbitrary URL within the app. This could potentially lead to...

Flickr: Incorrect Deep-link validation leading to unresponsive application and device

A specifically crafted URL provided to a victim caused their Flickr for Android app to become unresponsive...

Shopify: Improper deep link validation

The application contains an activity which validates and handles the deep link requests, initiated from a VIEW intent action. The declared schemes include http and https request for the domain shopify.com as well as .myshopify.com. The path prefixes include mostly subdirectories of the /admin pat...