20 matches found
CVE-2026-48745
Traccar Client is a GPS tracking mobile app for sending location updates to private servers using the open-source Traccar platform. In versions 9.7.19 and below, a single crafted deep link can silently hijack all GPS tracking parameters and redirect telemetry to an attacker-controlled server. The...
EUVD-2026-33799
In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0087
In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0087
In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0087
In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0087
CVE-2026-0087 : The connected sources identify a logic error in Android’s DomainVerificationService.java (approvalLevelForDomainInternal) that could allow hijacking an arbitrary app link, enabling local privilege escalation without user interaction. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:...
ASB-A-483142784
In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a logical error in the approvalLevelForDomainInternal function within the DomainVerificationService.java file. This vulnerability could...
DEBIAN-CVE-2026-28350
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2025-66715
A DLL hijacking vulnerability in Axtion ODISSAAS ODIS v1.8.4 allows attackers to execute arbitrary code via a crafted DLL file...
PT-2025-54213
Name of the Vulnerable Software and Affected Versions TrueConf Client version 8.5.2 Description The software is susceptible to a DLL hijacking issue. A crafted wfapi.dll file can be used by a local attacker to execute arbitrary code with the privileges of the user. The attack involves exploiting ...
PT-2024-29358 · Lenovo · Lenovo Lock Screen
Name of the Vulnerable Software and Affected Versions: Lenovo Lock Screen affected versions not specified Description: A DLL hijack vulnerability was reported that could allow a local attacker to execute code with elevated privileges. Recommendations: At the moment, there is no information about ...
UBUNTU-CVE-2023-3922
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page...
Sifchain: Wrong Url in Main Page
Hello, There is no linkedin account belonging to the url you added to your homepage and this link can be easily captured by someone else. Misunderstandings may occur. F1293094 https://www.linkedin.com/company/kns-group/about/ Impact Broken Link Hijack...
Bitso: Broken link hijack
Hello sir My name is Mohit kumar i found a bug known as broken link hijack on telegram Steps to view bug -- Navigate to -- https://bitso.com/ -- go down and click on language and then click on Espanol-Argentina you can now see the telgram link click on that I have attached a video poc too There's...
PT-2020-4217 · Cisco · Cisco Anyconnect Secure Mobility Client
Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client for Windows affected versions not specified Description: A vulnerability in the interprocess communication IPC channel could allow an authenticated, local attacker to perform a DLL hijacking attack. The...
DLL Hijacking Vulnerability in Haofang Gaming Platform of Shanghai Haofang Online Information Technology Co.
Haofang Gaming Platform is a competitive gaming platform. Shanghai Haofang Online Information Technology Co. Haofang e-sports platform has a DLL hijacking vulnerability, which can be exploited by an attacker to inject an executable DLL file into the client process to perform arbitrary functions...
AutomationDirect Multiple Product DLL Hijacking Vulnerability
AutomationDirect is one of the larger PLC design and manufacturing companies in the world, with CLICK, C-More, and C-More Micro as part of the programming software, GS Drives as a configuration software, and SL-Soft SOLO as a temperature controller configuration software. Multiple product DLL...
Bomgar Remote Support DLL Hijacking Vulnerability
Bomgar Remote Support is a suite of cross-platform remote support software from Bomgar USA. The software provides remote assistance through firewalls for remote desktops, servers, POS systems and other mobile devices. A security vulnerability exists in the agent in Bomgar Remote Support, which...