Lucene search
K

20 matches found

NVD
NVD
added 2026/06/17 1:20 p.m.19 views

CVE-2026-48745

Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...

9.3CVSS0.00323EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 12:31 a.m.14 views

EUVD-2026-33799

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

6AI score0.00082EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 10:16 p.m.17 views

CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00082EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:14 p.m.9 views

CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

6AI score0.00082EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.32 views

CVE-2026-0087

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

0.00082EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 9:14 p.m.40 views

CVE-2026-0087

CVE-2026-0087 : The connected sources identify a logic error in Android’s DomainVerificationService.java (approvalLevelForDomainInternal) that could allow hijacking an arbitrary app link, enabling local privilege escalation without user interaction. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:...

7.8CVSS6AI score0.00082EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/01 12:0 a.m.11 views

ASB-A-483142784

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6AI score0.00082EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a logical error in the approvalLevelForDomainInternal function within the DomainVerificationService.java file. This vulnerability could...

7.8CVSS5.4AI score0.00082EPSS
Exploits0References1
OSV
OSV
added 2026/03/05 8:16 p.m.3 views

DEBIAN-CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS8.3AI score0.00254EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/05 7:49 p.m.7 views

CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS8.3AI score0.00254EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/01/09 12:0 a.m.4 views

CVE-2025-66715

A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file...

7.3AI score0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-54213

Name of the Vulnerable Software and Affected Versions TrueConf Client version 8.5.2 Description The software is susceptible to a DLL hijacking issue. A crafted wfapi.dll file can be used by a local attacker to execute arbitrary code with the privileges of the user. The attack involves exploiting ...

7.1CVSS7.2AI score0.00156EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.4 views

PT-2024-29358 · Lenovo · Lenovo Lock Screen

Name of the Vulnerable Software and Affected Versions: Lenovo Lock Screen affected versions not specified Description: A DLL hijack vulnerability was reported that could allow a local attacker to execute code with elevated privileges. Recommendations: At the moment, there is no information about ...

7.8CVSS7.2AI score0.00174EPSS
Exploits0References4
OSV
OSV
added 2023/09/29 8:15 a.m.3 views

UBUNTU-CVE-2023-3922

An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page...

7.1CVSS5.8AI score0.00387EPSS
Exploits0References2
Hacker One
Hacker One
added 2021/05/07 8:20 p.m.89 views

Sifchain: Wrong Url in Main Page

Hello, There is no linkedin account belonging to the url you added to your homepage and this link can be easily captured by someone else. Misunderstandings may occur. F1293094 https://www.linkedin.com/company/kns-group/about/ Impact Broken Link Hijack...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2021/02/12 6:55 p.m.89 views

Bitso: Broken link hijack

Hello sir My name is Mohit kumar i found a bug known as broken link hijack on telegram Steps to view bug -- Navigate to -- https://bitso.com/ -- go down and click on language and then click on Espanol-Argentina you can now see the telgram link click on that I have attached a video poc too There's...

1.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/08/05 12:0 a.m.5 views

PT-2020-4217 · Cisco · Cisco Anyconnect Secure Mobility Client

Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client for Windows affected versions not specified Description: A vulnerability in the interprocess communication IPC channel could allow an authenticated, local attacker to perform a DLL hijacking attack. The...

7.8CVSS6.8AI score0.10049EPSS
Exploits5References9
CNVD
CNVD
added 2020/04/21 12:0 a.m.1 views

DLL Hijacking Vulnerability in Haofang Gaming Platform of Shanghai Haofang Online Information Technology Co.

Haofang Gaming Platform is a competitive gaming platform. Shanghai Haofang Online Information Technology Co. Haofang e-sports platform has a DLL hijacking vulnerability, which can be exploited by an attacker to inject an executable DLL file into the client process to perform arbitrary functions...

7AI score
Exploits0
CNVD
CNVD
added 2017/11/13 12:0 a.m.6 views

AutomationDirect Multiple Product DLL Hijacking Vulnerability

AutomationDirect is one of the larger PLC design and manufacturing companies in the world, with CLICK, C-More, and C-More Micro as part of the programming software, GS Drives as a configuration software, and SL-Soft SOLO as a temperature controller configuration software. Multiple product DLL...

9.3CVSS7AI score0.01135EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/27 12:0 a.m.2 views

Bomgar Remote Support DLL Hijacking Vulnerability

Bomgar Remote Support is a suite of cross-platform remote support software from Bomgar USA. The software provides remote assistance through firewalls for remote desktops, servers, POS systems and other mobile devices. A security vulnerability exists in the agent in Bomgar Remote Support, which...

9.3CVSS7AI score0.013EPSS
Exploits1References1
Rows per page
Query Builder