VulnCheck KEV: CVE-2024-58274

Hikvision CSMP Comprehensive Security Management Platform iSecure Center through 2024-08-01 allows execution of a command within $ in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025...

EUVD-2023-25522

Malicious code in bioql PyPI...

EUVD-2022-25547

Malicious code in bioql PyPI...

EUVD-2021-6476

Malicious code in bioql PyPI...

CVE-2022-20264

In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-39744

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2024-9398

The Mozilla Foundation's Security Advisory: By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed...

BIT-WORDPRESS-MULTISITE-2020-28037

isbloginstalled in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution as well as a denial of service for the old installation...

CVE-2023-21350

CVE-2023-21350 affects Android's Media Projection component. An attacker can infer whether a target app is installed via a side-channel disclosure, without query permissions, enabling local information leakage with no user interaction. Impact is limited to confidentiality (high) per sources; atta...

CVE-2023-21304

CVE-2023-21304 describes an information-disclosure flaw in Android’s Content Service that can reveal whether an app is installed without query permissions, via a side-channel. The issue allows local information leakage without extra execution privileges and does not require user interaction to ex...

PT-2023-12642 · Unknown · Usage Stats Service

Name of the Vulnerable Software and Affected Versions: Usage Stats Service affected versions not specified Description: The issue allows an attacker to determine whether an app is installed without query permissions due to side channel information disclosure. This could lead to local information...

CVE-2022-20535

In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2022-20249

In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

Design/Logic Flaw

In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

PUB-A-193800652

In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

PUB-A-191954233

In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution...

PUB-A-194697004

In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges...

IBM WebSphere Application Server Installation Inspection Tool Cross-Site Scripting Vulnerability

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in the...

HangZhou XiongMai Technologies Net Surveillance Detection (HTTP)

HTTP based detection of HangZhou XiongMai Technologies Net Surveillance. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

StoreFront fails to detect Receiver installation with Internet Explorer

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. When navigating to a Receiver for Web site using Internet Explorer, a user will be asked to run a...