Search Results (Refine Search)
- Keyword (text search): android
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-40530 |
Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device. Published: August 25, 2023; 12:15:10 AM -0400 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2023-39507 |
Improper authorization in the custom URL scheme handler in "Rikunabi NEXT" App for Android prior to ver. 11.5.0 allows a malicious intent to lead the vulnerable App to access an arbitrary website. Published: August 16, 2023; 5:15:11 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-4363 |
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) Published: August 15, 2023; 2:15:13 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-4361 |
Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) Published: August 15, 2023; 2:15:12 PM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-4350 |
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) Published: August 15, 2023; 2:15:11 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-2312 |
Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: August 15, 2023; 2:15:10 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-32609 |
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. Published: August 10, 2023; 11:15:32 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-27392 |
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access. Published: August 10, 2023; 11:15:23 PM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-39957 |
Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicious third party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud Talk Android version 17.0.0 has a patch for this issue. No known workarounds are available. Published: August 10, 2023; 12:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-3736 |
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 115.0.5790.98 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Published: August 01, 2023; 7:15:33 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-36351 |
An issue in Viatom Health ViHealth for Android v.2.74.58 and before allows a remote attacker to execute arbitrary code via the com.viatom.baselib.mvvm.webWebViewActivity component. Published: August 01, 2023; 7:15:30 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-4926 |
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) Published: July 28, 2023; 8:15:11 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-4917 |
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low) Published: July 28, 2023; 8:15:11 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-32427 |
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic. Published: July 28, 2023; 1:15:10 AM -0400 |
V3.1: 5.9 MEDIUM V2.0:(not available) |
CVE-2023-28203 |
The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts. Published: July 28, 2023; 1:15:10 AM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-33743 |
TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Access Control; specifically, Android Debug Bridge (adb) is available. Published: July 27, 2023; 5:15:13 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-38173 |
Microsoft Edge for Android Spoofing Vulnerability Published: July 21, 2023; 2:15:10 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-34625 |
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation of the lock opening mechanism via Bluetooth Low Energy (BLE) is vulnerable to replay attacks. A malicious user is able to intercept BLE requests and replicate them to open the lock at any time. Alternatively, an attacker with physical access to the device on which the Android app is installed, can obtain the latest BLE messages via the app logs and use them for opening the lock. Published: July 20, 2023; 4:15:10 PM -0400 |
V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2023-21994 |
Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware (component: Android Mobile Authenticator App). Supported versions that are affected are Prior to 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Mobile Security Suite executes to compromise Oracle Mobile Security Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Mobile Security Suite accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Published: July 18, 2023; 5:15:11 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-36888 |
Microsoft Edge for Android (Chromium-based) Tampering Vulnerability Published: July 14, 2023; 2:15:10 PM -0400 |
V3.1: 6.3 MEDIUM V2.0:(not available) |