CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-46962
https://notcve.org/view.php?id=CVE-2024-46962
The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.video.fast.SpeedMainAct component. • https://github.com/actuator/com.downloader.video.fast/blob/main/CVE-2024-46962 https://play.google.com/store/apps/details?id=com.downloader.video.fast • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-46963
https://notcve.org/view.php?id=CVE-2024-46963
The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One) application through 5.1.9 for Android allows an attacker to execute arbitrary JavaScript code via the com.bluesky.browser.ui.BrowserMainActivity component. • https://github.com/actuator/com.superfast.video.downloader/blob/main/CVE-2024-46963 https://play.google.com/store/apps/details?id=com.superfast.video.downloader • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-46964
https://notcve.org/view.php?id=CVE-2024-46964
The com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android allows an attacker to execute arbitrary JavaScript code via the com.video.downloader.all.StartActivity component. • https://github.com/actuator/com.video.downloader.all/blob/main/CVE-2024-46964 https://play.google.com/store/apps/details?id=com.video.downloader.all • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-46965
https://notcve.org/view.php?id=CVE-2024-46965
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6-RC1 for Android allows an attacker to execute arbitrary JavaScript code via the allvideo.downloader.browser.DefaultBrowserActivity component. • https://github.com/actuator/allvideo.downloader.browser/blob/main/CVE-2024-46965 https://play.google.com/store/apps/details?id=allvideo.downloader.browser • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-46966
https://notcve.org/view.php?id=CVE-2024-46966
The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for Android allows an attacker to execute arbitrary JavaScript code via the mn.ikhgur.khotoch.MainActivity component. • https://github.com/actuator/mn.ikhgur.khotoch/blob/main/CVE-2024-46966 https://play.google.com/store/apps/details?id=mn.ikhgur.khotoch • CWE-94: Improper Control of Generation of Code ('Code Injection') •