CVE-2024-28745

LOW Year: 2024
CVSS v3 Score
3.3
Low
Weakness Type
CWE-732
View all →

Vulnerability Description

Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is exploited, an arbitrary website may be displayed on the app, and as a result, the user may become a victim of a phishing attack.

Related Vulnerabilities

CVE-2012-6655

LOW
CVSS:3.3(Low)

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.

CWE-7322012

CVE-2016-4983

LOW
CVSS:3.3(Low)

A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.

CWE-7322016

CVE-2017-1699

LOW
CVSS:3.3(Low)

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files ...

CWE-7322017

CVE-2017-1716

LOW
CVSS:3.3(Low)

IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638.

CWE-7322017

CVE-2018-12209

LOW
CVSS:3.3(Low)

Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.506...

CWE-7322018

CVE-2018-20936

LOW
CVSS:3.3(Low)

cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308).

CWE-7322018