Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2012-6636 6.8
The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded
02-06-2016 - 02:20 03-03-2014 - 04:50
CVE-2014-1939 7.5
java/android/webkit/ in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searc
26-05-2016 - 12:22 03-03-2014 - 04:50
CVE-2016-4783 4.3
Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
25-05-2016 - 18:22 23-05-2016 - 19:59
CVE-2016-4782 9.3
Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."
25-05-2016 - 18:20 23-05-2016 - 19:59
Back to Top Mark selected
Back to Top