CVE-2025-14817

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

CVE-2025-14817

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

CVE-2025-57452

The CVE-2025-57452 entry affects the realme BackupRestore app, version 15.1.12_2810c08_250314, due to improper URI scheme handling in the component com.coloros.pc.PcToolMainActivity. This vulnerability could allow local attackers to trigger a crash and potential cross-site scripting (XSS) via cra...

PT-2024-32302 · Winshot · Winshot

Name of the Vulnerable Software and Affected Versions: Inshot com.downloader.privatebrowser aka Video Downloader - XDownloader versions 1.3.5 and earlier Description: The issue allows an attacker to execute arbitrary JavaScript code via the com.downloader.privatebrowser.activity.PrivateMainActivi...

CVE-2023-20916

In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...