Lucene search
K

15 matches found

CVE
CVE
added 2026/06/23 5:40 p.m.33 views

CVE-2026-54318

Affected software: Home Assistant Android components. Vulnerability: LocationSensorManager BroadcastReceiver was exported with no permission prior to 2026.5.3, allowing any local app (zero runtime permissions) to broadcast a forged Google Play Services LocationResult to spoof the device’s locatio...

7.1CVSS5.9AI score0.00113EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51577

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2026.5.3 Description The LocationSensorManager BroadcastReceiver is exported without requiring permissions. This allows any installed application on the device, regardless of its runtime permissions, to send a...

7.1CVSS5.8AI score0.00113EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.4 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

6.2CVSS6.7AI score0.00234EPSS
Exploits1References1
NVD
NVD
added 2025/12/15 7:16 p.m.9 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

6.2CVSS0.00234EPSS
Exploits1References3
OSV
OSV
added 2025/12/15 7:16 p.m.3 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

6.2CVSS6.7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.4 views

PT-2025-51277

Name of the Vulnerable Software and Affected Versions cordova-plugin-x-socialsharing version 6.0.4 Description The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with a...

6.2CVSS6.6AI score0.00234EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/12/15 12:0 a.m.2 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

6.3AI score0.00234EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/15 12:0 a.m.4 views

PhoneGap / Cordova Social Sharing plugin 安全漏洞

PhoneGap / Cordova Social Sharing plugin is a text file sharing plugin by Eddy Verbruggen Personal Developer. A security vulnerability exists in the PhoneGap / Cordova Social Sharing plugin version 6.0.4, which stems from the exported broadcast receiver not checking if Intent.EXTRACHOSENCOMPONENT...

6.2CVSS6.3AI score0.00234EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/15 12:0 a.m.18 views

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

0.00234EPSS
Exploits1References3
CVE
CVE
added 2025/12/15 12:0 a.m.15 views

CVE-2025-65835

The CVE-2025-65835 family concerns the Cordova plugin cordova-plugin-x-socialsharing (SocialSharing-PhoneGap-Plugin) for Android, version 6.0.4. An exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent accepts android.intent.action.SEND intents and dereferences Intent.EXTRA_C...

6.2CVSS6.3AI score0.00234EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-6888

Malware in sbrugna...

5.5CVSS5.6AI score0.00533EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.5 views

PT-2024-12697 · Google +1 · Android +1

Name of the Vulnerable Software and Affected Versions: TCL 20XE Android device versions with software build fingerprints TCL/5087Z BO/Doha TMO:11/RP1A.200720.011/PB7I-0:user/release-keys and TCL/5087Z BO/Doha TMO:11/RP1A.200720.011/PB83-0:user/release-keys Description: The issue concerns a...

8.7CVSS6.7AI score0.0036EPSS
Exploits0References4
OSV
OSV
added 2018/12/28 9:29 p.m.3 views

CVE-2018-15005

The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zdm.sdm versionCode=31, versionName=V5.0.3 that contains an exported broadcast receiver app componen...

7.1CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2018/12/28 9:29 p.m.4 views

CVE-2018-14985

The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-android.20170630.092853 that contains an exported...

7.1CVSS5.8AI score0.00347EPSS
Exploits1References2
Prion
Prion
added 2017/01/13 9:59 a.m.39 views

Design/Logic Flaw

An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute t...

7.2CVSS7.7AI score0.00378EPSS
Exploits0References3
Rows per page
Query Builder