CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29748
https://notcve.org/view.php?id=CVE-2023-29748
Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the application is opened. When an attacker injects too much data, the application will trigger an OOM error and crash at startup, resulting in a persistent denial of service. Story Saver para Instagram - Vídeo Downloader v1.0.6 para Android tiene un componente expuesto que proporciona un método para modificar el archivo "SharedPreference". Un atacante puede aprovechar este método para inyectar una gran cantidad de datos en cualquier archivo "SharedPreference", que se cargará en la memoria cuando se abra la aplicación. • https://apksos.com/app/story.saver.downloader.photo.video.repost.byrk https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md https://play.google.com/store/apps/details?id=ru.yandex.yandexnavi https://www.instagram.com/nihans_macrame •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29747
https://notcve.org/view.php?id=CVE-2023-29747
Story Saver for Instragram - Video Downloader 1.0.6 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Depending on how the data is used, this can result in various attack consequences, such as ad display exceptions. • https://apksos.com/app/story.saver.downloader.photo.video.repost.byrk https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md https://www.instagram.com/nihans_macrame •