
7 matches found

RedhatCVE
added 2025/05/23 1:6 a.m., 4 views

CVE-2022-28799

The TikTok application before 23.7.3 for Android allows account takeover. A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click...

CVSS: 8.8, AI score: 6.9, EPSS: 0.02669
Exploits: 0, References: 1

Hacker One
added 2025/03/10 1:16 a.m., 6 views

TikTok: Chain Vulnerability lead to Full Control Group Live Accounts & Undeletable Creator

A vulnerability was discovered in a TikTok LIVE backend platform that could have allowed a user to gain access controls beyond their account privileges. The vulnerability was reported by @eneri...

AI score: 7.1
Exploits: 0

Hacker One
added 2025/01/04 4:55 a.m., 2 views

TikTok: Unauthorized Access to Private Video Description via Translation API for Private Accounts

A vulnerability was discovered in the TikTok translation API endpoint that could have allowed unauthorized access to video descriptions contained in private accounts...

AI score: 6.9
Exploits: 0

Hacker One
added 2024/11/27 4:13 p.m., 205 views

TikTok: Unauthorized Access to TikTok Account [Private Videos] via API Endpoint

The vulnerability on a TikTok endpoint that allowed unauthorized viewing of videos from private accounts was discovered and reported by @datph4m. The issue was subsequently remediated...

AI score: 7
Exploits: 0

Hacker One
added 2024/07/01 2:47 p.m., 11 views

TikTok: DOM XSS in tiktok.com/login via the redirect_url parameter

A DOM Cross-Site Scripting (XSS) vulnerability was found in the redirect_url parameter on the tiktok.com/login page. The vulnerability was reported and confirmed to be resolved...

AI score: 5.9
Exploits: 0

Malwarebytes
added 2022/09/05 10:0 a.m., 16 views

A week in security (August 29 - September 4)

Last week on Malwarebytes Labs: Twilio data breach turns out to be more elaborate than suspected; Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18; Chromium browsers can write to the system clipboard without your permission; British Airways customers targeted in lost luggag...

AI score: 0.4
Exploits: 0

Malwarebytes
added 2020/01/13 4:29 p.m., 27 views

A week in security (January 6 – 12)

Last week on Malwarebytes Labs, we told readers how to check the safety of websites and their related files, explored the shady behavior taking place within the billion-dollar search industry, broke down the top six ways that hackers target retail businesses, and put a spotlight on the ransomware...

AI score: 0.4
Exploits: 0