Tencent vConsole 安全漏洞

Tencent vConsole is a lightweight, extensible front-end development tool for mobile web from Tencent, China. A security vulnerability exists in Tencent vConsole version 3.15.0, which stems from a prototype contamination issue due to incorrect key and value parsing in setOptions...

CVE-2023-30363

vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts...

PT-2023-22654 · Vconsole · Vconsole

Name of the Vulnerable Software and Affected Versions: vConsole version 3.15.0 Description: The issue is related to a prototype pollution in vConsole due to incorrect key and value resolution in the setOptions function in core.ts. This can potentially lead to security issues. Recommendations: For...

CVE-2022-20419

In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

PT-2022-14646 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L through Android-13 Description: In the setOptions method of ActivityRecord.java, a logic error allows loading any arbitrary Java code into the launcher process. This could lead to local escalation of privilege...