CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20523

Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.072

EPSS Ranking 91.1%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2018-20523

Mi » Stock Browser » Version: 10.2.4g

cpe:2.3:a:mi:stock_browser:10.2.4g
Mi » Redmi 4a » Version: N/A

cpe:2.3:h:mi:redmi_4a:-
Mi » Redmi 5 Plus » Version: N/A

cpe:2.3:h:mi:redmi_5_plus:-
Mi » Redmi 6 » Version: N/A

cpe:2.3:h:mi:redmi_6:-
Mi » Redmi 6a » Version: N/A

cpe:2.3:h:mi:redmi_6a:-
Mi » Redmi 7 » Version: N/A

cpe:2.3:h:mi:redmi_7:-
Mi » Redmi 7a » Version: N/A

cpe:2.3:h:mi:redmi_7a:-
Mi » Redmi Go » Version: N/A

cpe:2.3:h:mi:redmi_go:-
Mi » Redmi K20 » Version: N/A

cpe:2.3:h:mi:redmi_k20:-
Mi » Redmi K20 Pro » Version: N/A

cpe:2.3:h:mi:redmi_k20_pro:-
Mi » Redmi Note 4 » Version: N/A

cpe:2.3:h:mi:redmi_note_4:-
Mi » Redmi Note 5 » Version: N/A

cpe:2.3:h:mi:redmi_note_5:-
Mi » Redmi Note 5 Pro » Version: N/A

cpe:2.3:h:mi:redmi_note_5_pro:-
Mi » Redmi Note 5a Prime » Version: N/A

cpe:2.3:h:mi:redmi_note_5a_prime:-
Mi » Redmi Note 6 Pro » Version: N/A

cpe:2.3:h:mi:redmi_note_6_pro:-
Mi » Redmi Note 7 » Version: N/A

cpe:2.3:h:mi:redmi_note_7:-
Mi » Redmi Note 7s » Version: N/A

cpe:2.3:h:mi:redmi_note_7s:-
Mi » Redmi S2 » Version: N/A

cpe:2.3:h:mi:redmi_s2:-
Mi » Redmi Y3 » Version: N/A

cpe:2.3:h:mi:redmi_y3:-
Mi » Redmi 4a Firmware » Version: N/A

cpe:2.3:o:mi:redmi_4a_firmware:-
Mi » Redmi 5 Plus Firmware » Version: N/A

cpe:2.3:o:mi:redmi_5_plus_firmware:-
Mi » Redmi 6 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_6_firmware:-
Mi » Redmi 6a Firmware » Version: N/A

cpe:2.3:o:mi:redmi_6a_firmware:-
Mi » Redmi 7 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_7_firmware:-
Mi » Redmi 7a Firmware » Version: N/A

cpe:2.3:o:mi:redmi_7a_firmware:-
Mi » Redmi Go Firmware » Version: N/A

cpe:2.3:o:mi:redmi_go_firmware:-
Mi » Redmi K20 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_k20_firmware:-
Mi » Redmi K20 Pro Firmware » Version: N/A

cpe:2.3:o:mi:redmi_k20_pro_firmware:-
Mi » Redmi Note 4 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_4_firmware:-
Mi » Redmi Note 5 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_5_firmware:-
Mi » Redmi Note 5 Pro Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_5_pro_firmware:-
Mi » Redmi Note 5a Prime Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_5a_prime_firmware:-
Mi » Redmi Note 6 Pro Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_6_pro_firmware:-
Mi » Redmi Note 7 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_7_firmware:-
Mi » Redmi Note 7s Firmware » Version: N/A

cpe:2.3:o:mi:redmi_note_7s_firmware:-
Mi » Redmi S2 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_s2_firmware:-
Mi » Redmi Y3 Firmware » Version: N/A

cpe:2.3:o:mi:redmi_y3_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20523

Products

Pricing

Contact Us