Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cordova vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2019-1010206
OSS Http Request (Apache Cordova Plugin) 6 is affected by: Missing SSL certificate validation. The impact is: certificate spoofing. The component is: use this library when https communication. The attack vector is: certificate spoofing.
Http Request Project Http Request 6.0
8.6
CVSSv3
CVE-2018-16202
Directory traversal vulnerability in cordova-plugin-ionic-webview versions before 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) allows remote malicious users to access arbitrary files via unspecified vectors.
Ionicframework Ionic Web View 2.0.0
Ionicframework Ionic Web View
6.1
CVSSv3
CVE-2023-2507
CleverTap Cordova Plugin version 2.6.2 allows a remote malicious user to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplin...
Clevertap Clevertap 2.6.2
5.5
CVSSv3
CVE-2021-43849
cordova-plugin-fingerprint-aio is a plugin provides a single and simple interface for accessing fingerprint APIs on both Android 6+ and iOS. In versions before 5.0.1 The exported activity `de.niklasmerz.cordova.biometric.BiometricActivity` can cause the app to crash. This vulnera...
Cordova Plugin Fingerprint All-in-one Project Cordova Plugin Fingerprint All-in-one
9.8
CVSSv3
CVE-2018-1000123
Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files (CWE-532) vulnerability in CDVKeychain.m that can result in login, password and other sensitive data leakage. This attack appea...
Ionicframework Ios Keychain
NA
CVE-2015-5257
drivers/usb/serial/whiteheat.c in the Linux kernel prior to 4.2.4 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID was incorrectly used fo...
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3