EUVD-2025-25163

Malicious code in bioql PyPI...

CVE-2025-10721 Webull Investing & Trading App AndroidManifest.xml improper export of android application components

A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been...

CVE-2025-10715

CVE-2025-10715 affects APEUni PTE Exam Practice App on Android up to version 10.8.0. Root cause: improper export of Android components due to an issue in AndroidManifest.xml for the package com.ape_edication. This enables a local attack; exploit has been released publicly. Remediation: update to ...

Seismic App 安全漏洞

Seismic App is a mobile application for a sales empowerment platform from Seismic USA. A security vulnerability exists in Seismic App version 2.4.2, which stems from an improper export of the file AndroidManifest.xml component and could lead to a local attack...

CVE-2025-5500

A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.xiaoxun.xunoversea.mibrofit. This manipulation causes improper export of android application components. The attack requires local access. T...

CVE-2025-5500 ZhenShi Mibro Fit App com.xiaoxun.xunoversea.mibrofit AndroidManifest.xml improper export of android application components

A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.xiaoxun.xunoversea.mibrofit. This manipulation causes improper export of android application components. The attack requires local access. T...

CVE-2025-9673

The CVE-2025-9673 entry concerns Kakao Hey Kakao App for Android (up to version 2.17.4) and affects the com.kakao.i.connect AndroidManifest.xml. The root cause is an improper export of Android components within the AndroidManifest.xml, enabling a local attack vector. Public exploitation is report...

Modo Legend of the Phoenix 安全漏洞

Modo Legend of the Phoenix is a mobile game by China Modo. A security vulnerability exists in Modo Legend of the Phoenix 1.0.5 and earlier versions, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...

Kakao Hey Kakao App 安全漏洞

Kakao Hey Kakao App is a messaging app from the South Korean company Kakao. A security vulnerability exists in Kakao Hey Kakao App version 2.17.4 and earlier, which stems from improper component export in the file AndroidManifest.xml and could lead to a local attack...

CVE-2025-9102

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible ...

CVE-2025-9134

A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. T...

CVE-2025-9134

A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. T...

CVE-2025-9135

CVE-2025-9135 affects Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr on Android up to version 12.1.1(258). Root cause: improper export of AndroidManifest.xml components due to manipulation of an unknown function, enabling a local attack. Public exploit exists. Im...

CVE-2025-9135 Verkehrsauskunft Österreich SmartRide/cleVVVer/BusBahnBim/Salzburg Verkehr AndroidManifest.xml improper export of android application components

A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1258 on Android. The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components...

CVE-2025-9135 Verkehrsauskunft Österreich SmartRide/cleVVVer/BusBahnBim/Salzburg Verkehr AndroidManifest.xml improper export of android application components

A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1258 on Android. The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components...

CVE-2025-9134 AfterShip Package Tracker App com.aftership.AfterShip AndroidManifest.xml improper export of android application components

A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. T...

CVE-2025-9102 1&1 Mail & Media mail.com App com.mail.mobile.android.mail AndroidManifest.xml improper export of android application components

A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible ...

CVE-2025-9098

A vulnerability was determined in Elseplus File Recovery App 4.4.21 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit...

CVE-2025-9098 Elseplus File Recovery App AndroidManifest.xml improper export of android application components

A vulnerability was determined in Elseplus File Recovery App 4.4.21 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit...

CVE-2025-9097 Euro Information CIC banque et compte en ligne App com.cic_prod.bad AndroidManifest.xml improper export of android application components

A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cicprod.bad. The manipulation leads to improper export of android application...