25 matches found
EUVD-2023-46320
Malicious code in bioql PyPI...
EUVD-2023-25605
Malicious code in bioql PyPI...
EUVD-2024-52194
Malicious code in bioql PyPI...
CVE-2025-8393
A TLS vulnerability exists in the phone application used to manage a connected device. The phone application accepts self-signed certificates when establishing TLS communication which may result in man-in-the-middle attacks on untrusted networks. Captured communications may include user credentia...
CVE-2025-8393
CVE-2025-8393 describes a TLS trust issue in the Dreame Technology mobile apps (iOS/Android) used to manage a connected device. The phone application accepts self-signed certificates during TLS, which can enable man‑in‑the‑middle attacks on untrusted networks and may lead to exposure of user cred...
PT-2025-32374 · Unknown · Phone Application
Name of the Vulnerable Software and Affected Versions: Phone application affected versions not specified Description: A TLS vulnerability exists in the phone application used to manage a connected device. The application accepts self-signed certificates when establishing TLS communication,...
CVE-2023-41828
An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider...
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
SAMSUNG libsavscmn 安全漏洞
Samsung libsavscmn is a cell phone application from the South Korean company Samsung SAMSUNG. An out-of-bounds write vulnerability exists in Samsung libsavscmn, which can be exploited by an attacker to execute arbitrary code...
CVE-2024-53935
CVE-2024-53935 affects the Android app com.callos14.callscreen.colorphone (aka iCall OS17 - Color Phone Flash) ≤ 4.3. The vulnerability lies in the DialerActivity component, where a crafted intent can be sent by any application with no permissions to initiate phone calls without user interaction....
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
Improper access control
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
SAMSUNG Mobile devices 授权问题漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Feb-2023 Release 1 and prior, which stems from incorrect access control in the phone...
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
CVE-2023-21437
CVE-2023-21437 affects the Samsung Phone application prior to SMR Feb-2023 Release 1. The root cause is improper access control, enabling local attackers to access sensitive information via implicit broadcast. Impact is described as exposure of sensitive data with local attacker access and no use...
TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1503 TCL LinkHub Mesh Wifi confctlgetguestwlan information disclosure vulnerability August 1, 2022 CVE Number CVE-2022-27633 SUMMARY An information disclosure vulnerability exists in the confctlgetguestwlan functionality of TCL LinkHub Mesh Wifi MS1G0001.0014...
Samsung S Assistant 授权问题漏洞
Samsung S Assistant is a cell phone application from Samsung South Korea. It provides a cell phone management feature. A security vulnerability exists in S Assistant prior to version 7.5 that allows an attacker to remotely access sensitive information...
SNKRDUNK Market Place App for iOS vulnerable to improper server certificate verification
Overview SNKRDUNK Market Place App for iOS provided SODA, Inc. is vulnerable to improper server certificate verification CWE-295. Okazawa Yoshihiro of Cryptography Laboratory , Information and Communication Engineering ,Graduate School of Engineering , Tokyo Denki University reported this...