Export limit exceeded: 367102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (625 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5344 | 2026-04-15 | N/A | ||
| Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher.IpartnerKioskRemoteService". A local attacker can bind to the AIDL-type service to modify device's global settings and wallpaper image. This issue affects all versions before 1.1.2. | ||||
| CVE-2023-41829 | 2026-04-15 | 5 Medium | ||
| An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization. | ||||
| CVE-2023-41818 | 2026-04-15 | 5 Medium | ||
| An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs. | ||||
| CVE-2023-41817 | 2026-04-15 | 2.8 Low | ||
| An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information. | ||||
| CVE-2025-10721 | 2 Google, Webull | 2 Android, Investing & Trading App | 2026-04-15 | 5.3 Medium |
| A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-10718 | 2 Google, Ooma | 2 Android, Office Business Phone App | 2026-04-15 | 5.3 Medium |
| A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-10717 | 2 Google, Intsig | 2 Android, Camscanner App | 2026-04-15 | 5.3 Medium |
| A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-10716 | 2 Creality, Google | 2 Cloud App, Android | 2026-04-15 | 5.3 Medium |
| A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-10715 | 2 Apeuni, Google | 2 Pte Exam Practice App, Android | 2026-04-15 | 5.3 Medium |
| A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.ape_edication. The manipulation results in improper export of android application components. The attack requires a local approach. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-10195 | 2 Google, Seismic | 2 Android, Seismic App | 2026-04-15 | 5.3 Medium |
| A vulnerability has been found in Seismic App 2.4.2 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.seismic.doccenter. Such manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-49201 | 2026-04-15 | 4.3 Medium | ||
| Keyfactor Remote File Orchestrator (aka remote-file-orchestrator) 2.8 before 2.8.1 allows Information Disclosure: sensitive information could be exposed at the debug logging level. | ||||
| CVE-2024-48770 | 1 Starvedia | 1 Com.wisdomcity.zwave | 2026-04-15 | 8.2 High |
| An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2023-27504 | 2026-04-15 | 7.2 High | ||
| Improper conditions check in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-3334 | 1 Fortra | 1 Digital Guardian Agent | 2026-04-15 | 4.3 Medium |
| A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data. | ||||
| CVE-2023-41828 | 2026-04-15 | 4.4 Medium | ||
| An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider. | ||||
| CVE-2023-41827 | 2026-04-15 | 5.1 Medium | ||
| An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI. | ||||
| CVE-2023-41826 | 2026-04-15 | 5.1 Medium | ||
| A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission. | ||||
| CVE-2023-41820 | 1 Motorola | 1 Ready For | 2026-04-15 | 5 Medium |
| An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices. | ||||
| CVE-2023-41821 | 2026-04-15 | 5 Medium | ||
| A an improper export vulnerability was reported in the Motorola Setup application that could allow a local attacker to read sensitive user information. | ||||
| CVE-2023-41822 | 2026-04-15 | 4.8 Medium | ||
| An improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands. | ||||