Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mi Subscribe
Filtered by product Redmi 5 Plus
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20523 1 Mi 37 Redmi 4a, Redmi 4a Firmware, Redmi 5 Plus and 34 more 2022-04-19 5.0 MEDIUM 5.3 MEDIUM
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.