Filtered by vendor Fedirtsapana Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46919 1 Fedirtsapana 2 Simple Http Server, Simple Http Server Plus 2024-10-01 6.3 Medium
Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. An attacker with physical access to the application's source code or binary can extract this key & use it decrypt the TLS secret.
CVE-2023-46918 1 Fedirtsapana 1 Simple Http Server Plus 2024-08-02 4.6 Medium
Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android manifest file that contains an entry with the android:allowBackup attribute set to true. This could be leveraged by an attacker with physical access to the device.
CVE-2023-43955 1 Fedirtsapana 1 Tv Bro 2024-08-02 9.8 Critical
The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData.