Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.8 views

CVE-2023-33293

An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...

5.3CVSS6.6AI score0.0056EPSS
Exploits1References1
OSV
OSV
added 2023/05/22 4:15 p.m.2 views

CVE-2023-33293

An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...

5.3CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2018/08/01 4:29 p.m.3 views

CVE-2016-8651

An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image...

3.5CVSS5.8AI score0.01351EPSS
Exploits0References3
OSV
OSV
added 2018/01/23 12:0 a.m.4 views

UBUNTU-CVE-2018-5112

Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to...

7.5CVSS7.1AI score0.02012EPSS
Exploits0References4
Rows per page
Query Builder