Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-8791

EPSS 0.36% · P58
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-8791

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Shazam 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Shazam是一款音乐播放应用程序。该程序具有音乐识别和播放等功能。 Shazam 9.25.0之前版本(Android)和12.11.0之前版本(iOS)中URL schemes的解析存在安全漏洞。攻击者可借助特制的URL利用该漏洞将用户重定向到其他网站。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AppleShazam-Android unspecified ~ Shazam Android App Version 9.25.0 -
AppleShazam-iOS unspecified ~ Shazam iOS App Version 12.11.0 -

II. Public POCs for CVE-2019-8791

#POC DescriptionSource LinkShenlong Link
1PoC for CVE-2019-8791 & CVE-2019-8792https://github.com/ashleykinguk/Shazam-CVE-2019-8791-CVE-2019-8792POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-8791

登录查看更多情报信息。

Same Patch Batch · Apple · 2019-12-18 · 245 CVEs total

CVE-2019-8603Apple macOS Mojave Accessibility Framework组件缓冲区错误漏洞
CVE-2019-8560多款Apple产品Disk Images组件缓冲区错误漏洞
CVE-2019-8561Apple macOS Mojave PackageKit组件输入验证错误漏洞
CVE-2019-8565Apple iOS和Apple macOS Mojave Feedback Assistant组件竞争条件问题漏洞
CVE-2019-8566Apple iOS ReplayKit组件信息泄露漏洞
CVE-2019-8567Apple iOS Wi-Fi组件信息泄露漏洞
CVE-2019-8589Apple macOS Mojave DesktopServices组件输入验证错误漏洞
CVE-2019-8591多款Apple产品Kernel组件安全漏洞
CVE-2019-8593多款Apple产品AppleFileConduit组件缓冲区错误漏洞
CVE-2019-8595多款Apple产品WebKit组件缓冲区错误漏洞
CVE-2019-8596多款Apple产品WebKit组件缓冲区错误漏洞
CVE-2019-8597多款Apple产品WebKit组件缓冲区错误漏洞
CVE-2019-8598多款Apple产品SQLite组件缓冲区错误漏洞
CVE-2019-8600多款Apple产品SQLite组件SQL注入漏洞
CVE-2019-8601多款Apple产品WebKit组件输入验证错误漏洞
CVE-2019-8602多款Apple产品SQLite组件缓冲区错误漏洞
CVE-2019-8617Apple iOS Photos Storage组件输入验证错误漏洞
CVE-2019-8620Apple iOS、Apple tvOS和watchOS Wi-Fi组件信息泄露漏洞
CVE-2019-8527多款Apple产品Kernel组件缓冲区错误漏洞
CVE-2019-8613Apple iOS和Apple watchOS Mail Message Framework组件存在资源管理错误漏洞

Showing top 20 of 245 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Shazam-Android
Same vendor: Apple

V. Comments for CVE-2019-8791

No comments yet

Leave a comment