Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2025/09/02 11:15 p.m.0 views

CVE-2025-22433

In canForward of IntentForwarderActivity.java, there is a possible bypass of the cross profile intent filter most commonly used in Work Profile scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS5.7AI score
Exploits0References3
NVD
NVDadded 2025/09/02 11:15 p.m.4 views

CVE-2025-22433

In canForward of IntentForwarderActivity.java, there is a possible bypass of the cross profile intent filter most commonly used in Work Profile scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS0.00031EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/22 4:3 p.m.4 views

CVE-2020-0943

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android...

4.6CVSS7.1AI score0.00217EPSS
Exploits0References1
OSV
OSVadded 2023/05/15 10:15 p.m.2 views

CVE-2023-20914

In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not...

5.5CVSS6.2AI score
Exploits0References1
ThreatPost
ThreatPostadded 2020/07/16 7:0 a.m.39 views

LokiBot Redux Attacks Massive List of Common Android Apps

Researchers have discovered a new variant of the LokiBot trojan called BlackRock, that’s attacking not just financial and banking apps, but also a massive list of well-known and commonly used brand-name apps on Android devices. The apps targeted include: Amazon, eBay, Facebook, Grinder, Instagram...

0.4AI score
Exploits0References6
Prion
Prionadded 2020/04/15 3:15 p.m.10 views

Authentication flaw

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android...

2.1CVSS5.1AI score0.00217EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/04/15 3:12 p.m.11 views

CVE-2020-0943

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android...

5.2AI score0.00217EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2020/04/14 7:0 a.m.15 views

Microsoft YourPhone Application for Android Authentication Bypass Vulnerability

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles. This could allow an unauthenticated attacker to view notifications. This requires an attacker to have access to the...

4.6CVSS3.5AI score0.00217EPSS
Exploits0
Rows per page
Query Builder