Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Snyk
Snykadded 2025/12/15 7:40 p.m.1 views

NULL Pointer Dereference

Overview cordova-plugin-x-socialsharing is a Share text, images and other files, or a link via the native sharing widget of your device. Android is fully supported, as well as iOS 6 and up. WP8 has somewhat limited support. Affected versions of this package are vulnerable to NULL Pointer...

6.9CVSS6.7AI score0.00042EPSS
Exploits1References2
Code423n4
Code423n4added 2022/12/21 12:0 a.m.6 views

attacker can create un collateralized debt by reentrancy attack during _removeCollateral() by removing all collaterals and liquidating the last one which would set debt to zero. unfair liquidation can happen with reentrancy too

Lines of code Vulnerability details Impact Function removeCollateral removes collateral from msg.senders vault and code allows for onReceive hook to sell and repay debt before the debt check. during the hook function user can call other function of the PaprController contract, it's possible for...

7AI score
Exploits0
OSV
OSVadded 2021/06/22 12:15 p.m.0 views

CVE-2021-0547

In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. This could lead to local escalation of privilege that may result in undefined behavior in some HAL implementations with no additional...

7.8CVSS5.9AI score
Exploits0References1
Prion
Prionadded 2021/06/22 11:15 a.m.12 views

Design/Logic Flaw

In onReceive of DevicePolicyManagerService.java, there is a possible enabling of disabled profiles due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.6CVSS7.6AI score0.00014EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2021/05/03 12:0 a.m.3 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An elevation of privilege vulnerability exists in Google Android onReceive. The vulnerability stems from a lack of permission checking in onReceive of NetInitiatedActivity.java. An attack...

7.8CVSS5.7AI score0.00014EPSS
Exploits0References4
OSV
OSVadded 2021/03/10 5:15 p.m.0 views

CVE-2021-0380

In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify other telephony settings due to a missing permission check. This could lead to local escalation of privilege during the onboarding flow with no additional execution privileges needed. User interaction...

7.8CVSS7.2AI score0.00014EPSS
Exploits0References1
Rows per page
Query Builder