CVE-2024-54014

LOW Year: 2024
CVSS v3 Score
3.6
Low
Weakness Type
CWE-939
View all →

Vulnerability Description

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead the application to access an arbitrary web site via another application installed on the user's device.

Related Vulnerabilities

CVE-2024-54125

LOW
CVSS:3.3(Low)

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnera...

CWE-9392024

CVE-2024-35298

MEDIUM
CVSS:4.3(Medium)

Improper authorization in handler for custom URL scheme issue in 'ZOZOTOWN' App for Android versions prior to 7.39.6 allows an attacker to lead a user to access an arbitrary website via another applic...

CWE-9392024

CVE-2024-45203

MEDIUM
CVSS:4.3(Medium)

Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to a...

CWE-9392024

CVE-2025-5020

MEDIUM
CVSS:4.3(Medium)

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox ...

CWE-9392025

CVE-2022-20736

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an ...

CWE-9392022

CVE-2023-43582

HIGH
CVSS:8.8(High)

Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.

CWE-9392023