25 matches found
EUVD-2022-39574
Malicious code in bioql PyPI...
EUVD-2022-39575
Malicious code in bioql PyPI...
CVE-2022-36873
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device...
CVE-2022-36875
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
CVE-2022-36875
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission...
CVE-2022-36875
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission...
CVE-2022-36875
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
CVE-2022-36873
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device...
CVE-2022-36873
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device...
Input validation
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission...
Input validation
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device...
CVE-2022-36875
CVE-2022-36875 affects Waterplugin prior to version 2.2.11.22081151, with the root cause in SaWebViewRelayActivity where broadcasting intents was improperly restricted. This leads to an attacker being able to access files without permission. Remediation: upgrade to Waterplugin 2.2.11.22081151 or ...
CVE-2022-36874
Waterplugin vulnerable to improper handling of insufficient permissions or privileges prior to version 2.2.11.22040751, which can allow an attacker to access device IMEI and Serial number. Affected version range is prior to 2.2.11.22040751; remediation is to update to 2.2.11.22040751 or later. No...
CVE-2022-36875
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission...
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...
PT-2022-23678 · Unknown · Waterplugin
Name of the Vulnerable Software and Affected Versions: Waterplugin versions prior to 2.2.11.22040751 Description: The issue is related to improper handling of insufficient permissions or privileges, allowing an attacker to access sensitive device information, including the IMEI and Serial number...