Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2024/08/24 11:15 p.m.21 views

CVE-2024-45240

The TikTok aka com.zhiliaoapp.musically application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal in the application's exposed WebView. On Android 12 and later, this is only exploitable by third-party applications...

7.4CVSS0.00233EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/08/24 12:0 a.m.22 views

CVE-2024-45240

The TikTok aka com.zhiliaoapp.musically application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal in the application's exposed WebView. On Android 12 and later, this is only exploitable by third-party applications...

0.00233EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/08/24 12:0 a.m.3 views

PT-2024-31498 · Bytedance · Tiktok

Name of the Vulnerable Software and Affected Versions: TikTok versions prior to 34.5.5 Description: The issue allows the takeover of Lynxview JavaScript interfaces via deeplink traversal in the application's exposed WebView. On Android 12 and later, this is only exploitable by third-party...

7.4CVSS7.1AI score0.00233EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/08/24 12:0 a.m.3 views

TikTok 安全漏洞

Bytedance TikTok Jieyin International Version is an application for creating and sharing short videos by Chinese company Bytedance. A security vulnerability exists in TikTok versions prior to 34.5.5 that stems from allowing traversal of the Lynxview JavaScript interface via deep links...

7.4CVSS6.7AI score0.00233EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/08/24 12:0 a.m.8 views

CVE-2024-45240

The TikTok aka com.zhiliaoapp.musically application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal in the application's exposed WebView. On Android 12 and later, this is only exploitable by third-party applications...

6.9AI score0.00233EPSS
Exploits0References1
Hacker One
Hacker Oneadded 2024/03/14 8:29 p.m.73 views

TikTok: Lynxview JS interfaces Takeover via deeplink traversal

The application had vulnerabilities that could have allowed the takeover of JavaScript interfaces via the application's exposed Webview. The issues were only present in older versions of the Android application and were addressed after the researcher reported them to the team...

7.1AI score
Exploits0
Openbugbounty
Openbugbountyadded 2018/06/06 12:50 a.m.12 views

delorie.com XSS vulnerability

Open Bug Bounty ID: OBB-627762 Description| Value ---|--- Affected Website:| delorie.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Rows per page
Query Builder