Lucene search
K

8 matches found

Microsoft Secure
Microsoft Secure
added 2026/04/09 1:21 p.m.7 views

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

In this article 1. Technical details 2. Disclosure timeline 3. Mitigation and protection guidance 4. References 5. Learn more During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw allows apps ...

5.8AI score
Exploits0
OSV
OSV
added 2026/01/27 9:15 a.m.9 views

AZL-75470 CVE-2026-24809 affecting package ntopng for versions less than 5.2.1-4

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

6.9CVSS5.7AI score0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/03 12:0 a.m.4 views

webpack-dev-server 访问控制错误漏洞

webpack-dev-server is a webpack open source application that provides webpack. An access control error vulnerability exists in webpack-dev-server versions prior to 5.2.1, which stems from the possibility of source code theft when visiting a malicious website using a non-Chromium-based browser...

6.5CVSS7.4AI score0.00287EPSS
Exploits1References5
OSV
OSV
added 2025/04/07 2:15 p.m.2 views

DEBIAN-CVE-2025-30195

An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patched 5.2.1 version. We would like to thank Volodym...

7.5CVSS7.4AI score0.0068EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1900

CRLF injection vulnerability in the FILTERVALIDATEEMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address...

5CVSS7.5AI score0.02262EPSS
Exploits0References4
OSV
OSV
added 2022/05/24 5:7 p.m.3 views

GHSA-W6G9-XCCC-347H Plone Unauthenticated Write Vulnerability

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT overwrite some content without needing write permission...

9.8CVSS7.2AI score0.02258EPSS
Exploits0References8
CNVD
CNVD
added 2019/12/27 12:0 a.m.3 views

Apple iOS and Apple watchOS Mail Message Framework Component Resource Management Error Vulnerability

Apple iOS and Apple watchOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. mail Message Framework is one of the email messaging frameworks. A resource management error vulnerability exists in th...

9.8CVSS6.7AI score0.12621EPSS
Exploits0References1
OSV
OSV
added 2019/12/18 6:15 p.m.7 views

CVE-2019-8605

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges...

7.8CVSS7.6AI score0.17438EPSS
Exploits6References5
Rows per page
Query Builder