Lucene search
+L

5 matches found

EUVD
EUVD
added 2026/06/29 12:31 a.m.12 views

EUVD-2026-40011

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS5.4AI score0.00133EPSS
Exploits0References7
NVD
NVD
added 2025/12/03 8:16 p.m.7 views

CVE-2025-66411

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

7.8CVSS0.00203EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.5 views

Webull Investing & Trading App 安全漏洞

Webull Investing & Trading App is an online securities trading and financial investment application from Webull, Inc. A security vulnerability exists in Webull Investing & Trading App version 11.2.5.63, which stems from an improperly exported AndroidManifest.xml file and could lead to a local...

5.3CVSS5.3AI score0.00132EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/18 12:2 a.m.20 views

CVE-2025-9097 Euro Information CIC banque et compte en ligne App com.cic_prod.bad AndroidManifest.xml improper export of android application components

A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cicprod.bad. The manipulation leads to improper export of android application...

5.3CVSS0.00122EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/05/22 12:0 a.m.8 views

CVE-2023-33293

An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...

6.8AI score0.0056EPSS
Exploits1References1
Rows per page
Query Builder