CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10960 matches found

Vulnrichment•added 2023/09/11 12:0 a.m.•10 views

CVE-2023-42471

The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...

7.5AI score0.01419EPSS

Exploits1References3

Positive Technologies•added 2023/09/11 12:0 a.m.•5 views

PT-2023-28360 · Imou Life · Imou Life

Name of the Vulnerable Software and Affected Versions: Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android Description: The issue allows Remote Code Execution via a crafted intent to an exported component, specifically relating to the com.mm.android.easy4ip.MainActivity...

9.8CVSS9.5AI score0.01986EPSS

Exploits1References8

Cvelist•added 2023/09/11 12:0 a.m.•25 views

CVE-2023-42471

9.3AI score0.01419EPSS

Exploits1References3

Cvelist•added 2023/09/11 12:0 a.m.•27 views

CVE-2023-42470

The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content...

9.6AI score0.01986EPSS

Exploits1References3

CNNVD•added 2023/09/11 12:0 a.m.•4 views

Govee Home Security Breach

Govee Home is a software application. Govee Home contains a security vulnerability that stems from the fact that the WebView component can be opened by any application on the device, and by sending the URL to a specially crafted website, an attacker can execute JavaScript in the WebView context o...

8.8CVSS6.8AI score0.00448EPSS

Exploits0References3

Positive Technologies•added 2023/09/11 12:0 a.m.•4 views

PT-2023-25434 · Govee · Govee Home

Name of the Vulnerable Software and Affected Versions: Govee Home app affected versions not specified Description: The Govee Home app has unprotected access to the WebView component, which can be opened by any app on the device. By sending a URL to a specially crafted site, an attacker can execut...

8.8CVSS8.6AI score0.00448EPSS

Exploits0References5

Positive Technologies•added 2023/09/11 12:0 a.m.•6 views

PT-2023-28361 · Unknown · Wave.Ai.Browser

Name of the Vulnerable Software and Affected Versions: wave.ai.browser application through 1.0.35 for Android Description: The issue allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the...

9.8CVSS9.5AI score0.01419EPSS

Exploits1References7

CVE•added 2023/09/11 12:0 a.m.•46 views

CVE-2023-42470

The CVE-2023-42470 entry concerns the Imou Life app (com.mm.android.smartlifeiot) for Android, version up to 6.8.0. The underlying issue is Remote Code Execution via a crafted intent to an exported component, specifically com.mm.android.easy4ip.MainActivity. The vulnerability is facilitated by a ...

9.8CVSS9.2AI score0.01986EPSS

Exploits1References3Affected Software1

OSV•added 2023/08/28 2:47 p.m.•27 views

MAL-2023-7924 Malicious code in @webview/react-skeletor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 756497fc47f785eae2c52c2c51d75ea29cbe95f6208c9d4c8b4ad576408efb7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score

Exploits0References1

Japan Vulnerability Notes•added 2023/08/24 4:34 a.m.•2 views

"Skylark" App fails to restrict custom URL schemes properly

Overview "Skylark" App provided by SKYLARK HOLDINGS CO., LTD. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939, CVE-2023-40530, CVE-2024-54014 which may be exploited to direct the App to access any sites...

4.7CVSS6.6AI score0.0049EPSS

Exploits0References7