5 matches found
EUVD-2026-40011
A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...
CVE-2025-66411
Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...
Webull Investing & Trading App 安全漏洞
Webull Investing & Trading App is an online securities trading and financial investment application from Webull, Inc. A security vulnerability exists in Webull Investing & Trading App version 11.2.5.63, which stems from an improperly exported AndroidManifest.xml file and could lead to a local...
CVE-2025-9097 Euro Information CIC banque et compte en ligne App com.cic_prod.bad AndroidManifest.xml improper export of android application components
A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cicprod.bad. The manipulation leads to improper export of android application...
CVE-2023-33293
An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...