SUSE CVE-2021-21186

Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code...

CVE-2022-1127

Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction...

The vulnerability of the QR Code Generator browser extensions for Google Chrome and Microsoft Edge allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the QR Code Generator browser extensions for Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2021-43530

A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 94...

Mozilla Firefox 跨站脚本漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox has a cross-site scripting vulnerability that stems from the fact that the product does not effectively filter the special characters in the Url in the QR code, which can be exploited by attackers to execut...

PT-2021-7412 · Mozilla +1 · Firefox For Android +1

Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 94 Description: A Universal XSS issue exists due to improper sanitization when processing a URL scanned from a QR code, allowing a remote attacker to conduct a cross-site scripting XSS attack. This issue...

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

CVE-2021-25333

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code...

Samsung Pay mini 信息泄露漏洞

Samsung Pay mini is a mobile application from Samsung South Korea. It provides a mobile payment function. An information disclosure vulnerability exists in the Samsung Pay mini application prior to v4.0.14, which allows unauthorized users to access balance information by scanning a specific QR co...

CVE-2018-3899

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...