5 matches found
EUVD-2023-30137
Malicious code in bioql PyPI...
CVE-2022-28799
The TikTok application before 23.7.3 for Android allows account takeover. A crafted URL unvalidated deeplink can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click...
CVE-2022-25824
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview...
3D Bowling - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application 3D Bowling published at the 'play' market has multiple vulnerabilities...
Flight Routes / Flight Plan - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Flight Routes / Flight Plan published at the 'play' market has multiple vulnerabilities...