Lucene search
K

56 matches found

NVD
NVD
added 2026/07/02 9:16 p.m.5 views

CVE-2026-58460

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 8:10 p.m.8 views

EUVD-2026-41437

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 8:10 p.m.14 views

CVE-2026-58460

CVE-2026-58460 affects the React Native package react-native-receive-sharing-intent. A path traversal vulnerability allows a co-resident malicious app to write files outside the intended cache directory by supplying a crafted _display_name with dot-dot path components via a malicious ContentProvi...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 8:10 p.m.7 views

CVE-2026-58460

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.5 views

CVE-2023-29758

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files...

5.5CVSS6.6AI score0.00327EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-19496

Malware in sbrugna...

4.3CVSS4.2AI score0.00881EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 p.m.9 views

CVE-2021-32695

Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing flow and choos...

4.3CVSS6.7AI score0.00881EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/03/05 2:41 p.m.120 views

Exploit for CVE-2025-25381

CVE-2025-25381: Plaintext Storage of Sensitive Information in...

7.5CVSS6.5AI score0.00382EPSS
Exploits1
OSV
OSV
added 2024/12/06 9:24 p.m.12 views

GHSA-3HPF-FF72-J67P shared_preferences_android vulnerability

Impact Due to some data types not being natively representable for the available storage options, sharedpreferencesandroid serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized leading to arbitrary code...

3CVSS7.6AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/12/06 9:24 p.m.64 views

shared_preferences_android vulnerability

Impact Due to some data types not being natively representable for the available storage options, sharedpreferencesandroid serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized leading to arbitrary code...

7.6AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.3 views

PT-2024-40049 · Unknown · Shared Preferences Android

Name of the Vulnerable Software and Affected Versions: shared preferences android versions prior to 2.3.4 Description: The issue arises from the serialization and deserialization of special string prefixes used to store data types that are not natively representable by the available storage...

3CVSS8AI score
Exploits0References4
GitLab Advisory Database
GitLab Advisory Database
added 2024/12/06 12:0 a.m.7 views

shared_preferences_android vulnerability

Due to some data types not being natively representable for the available storage options, sharedpreferencesandroid serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized leading to arbitrary code execution. ...

6.1AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/06/09 9:15 p.m.5 views

CVE-2023-29751

An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files...

5.5CVSS6.1AI score0.002EPSS
Exploits1References2
OSV
OSV
added 2023/06/09 9:15 p.m.6 views

CVE-2023-29753

An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause a denial of service via the SharedPreference files...

5.5CVSS5.8AI score0.0019EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/06/09 9:15 p.m.2 views

CVE-2023-29753

An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause a denial of service via the SharedPreference files...

5.5CVSS6.1AI score0.0019EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/06/09 8:15 p.m.2 views

CVE-2023-29757

An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files...

7.8CVSS7AI score0.00398EPSS
Exploits1References2
OSV
OSV
added 2023/06/09 8:15 p.m.3 views

CVE-2023-29756

An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files...

5.5CVSS5.8AI score0.00218EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.6 views

PT-2023-22401 · Unknown · Facemoji Emoji Keyboard

Name of the Vulnerable Software and Affected Versions: Facemoji Emoji Keyboard version 2.9.1.2 Description: A local attacker can cause a denial of service via the SharedPreference files. Recommendations: For Facemoji Emoji Keyboard version 2.9.1.2, update to a newer version that contains a fix fo...

5.5CVSS7AI score0.0019EPSS
Exploits1References2
OSV
OSV
added 2023/06/01 3:15 a.m.6 views

CVE-2023-29748

Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the...

7.5CVSS5.8AI score0.01202EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/06/01 3:15 a.m.2 views

CVE-2023-29748

Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the...

7.5CVSS7AI score0.01202EPSS
Exploits1References5
Rows per page
Query Builder