Google Chrome 安全特征问题漏洞

Chrome is a web browsing tool developed by Google. versions prior to Google Chrome 95.0.4638.54 are vulnerable to a WebView misimplementation. An attacker could exploit this vulnerability to leak cross-domain data through a crafted application...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 19 security fixes, including: 1246631 High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang @dnpushme of 360 ATA on 2021-09-04 1248661 High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang @Krace from Codesafe...

Basecamp: com.basecamp.bc3 Webview Javascript Injection and JS bridge takeover

It was identified that the android com.basecamp.bc3 application, contains a Webview where the loaded URLs are not sanitised properly. As this webview's functionality is extended via javascript interfaces and has the javascript enabled it is possible to inject arbitrary javascript code which will ...

CVE-2021-25463

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview...

Improper access control

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview...

CVE-2021-25463

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview...

CVE-2021-25463

CVE-2021-25463 affects Samsung PENUP prior to version 3.8.00.18. The connected sources confirm an improper access control vulnerability that allows arbitrary webpage loading in the webview component. Impact is limited to the ability to load webpages within PENUP’s webview, with the CVSS details i...

PT-2021-16653 · Penup · Penup

Name of the Vulnerable Software and Affected Versions: PENUP versions prior to 3.8.00.18 Description: The issue is related to improper access control, allowing arbitrary webpage loading in webview. This could potentially lead to unauthorized access or malicious activities. Recommendations: For...

CVE-2021-25448

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

CVE-2021-25446

Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview...

Improper access control

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

CVE-2021-25448

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

CVE-2021-25447

The CVE concerns Samsung SmartThings. Affected product: SmartThings app (versions prior to 1.7.67.25). Root cause: improper access control allowing untrusted applications to perform local file inclusion in the WebView. Impact: local file inclusion in the app context (no vector details provided be...

CVE-2021-25446

CVE-2021-25446 affects Samsung SmartThings prior to version 1.7.67.25. The issue is an improper access control vulnerability that allows untrusted applications to cause arbitrary webpage loading in WebView. Evidence from multiple sources confirms the affected software version range and the root c...

SAMSUNG Smart Touch Call 安全漏洞

SAMSUNG Smart Touch Call is a smart call application from Samsung South Korea. lets users know immediately that a call is spam, blocks the call, and then lets users report the call. A security vulnerability exists in SAMSUNG Smart Touch Call prior to version 1.0.0.5, which stems from an improper...

SAMSUNG SmartThings 安全漏洞

SAMSUNG SmartThings is an app from South Korea's Samsung SAMSUNG that connects smart devices. A security vulnerability exists in SAMSUNG SmartThings versions prior to 1.7.67.25, which stems from the application allowing untrusted programs to include local files in the webview...

PT-2021-16638 · Unknown · Smart Touch Call

Name of the Vulnerable Software and Affected Versions: Smart Touch Call versions prior to 1.0.0.5 Description: The issue is related to improper access control, allowing arbitrary webpage loading in the webview component. Recommendations: For versions prior to 1.0.0.5, update to version 1.0.0.5 or...

SAMSUNG SmartThings 安全漏洞

SAMSUNG SmartThings is an app from South Korea's Samsung SAMSUNG that connects smart devices. A security vulnerability exists in SAMSUNG SmartThings versions prior to 1.7.67.25, which stems from the application allowing untrusted applications to arbitrarily load web pages in the webview...

PT-2021-16636 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.7.67.25 Description: The issue is related to improper access control, allowing untrusted applications to cause arbitrary webpage loading in webview. Recommendations: For versions prior to 1.7.67.25, update to...

PT-2021-16637 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.7.67.25 Description: The issue is related to improper access control, allowing untrusted applications to cause local file inclusion in webview. Recommendations: For versions prior to 1.7.67.25, update to versio...