| 3067 | Ability To Backdoor Facebook For Android |
Insecure deeplink
Android |
Meta / Facebook |
Ashley King (@AshleyKingUK) |
Bug Bounty | 2020-10-30 | 2023-06-13 |
| 2887 | ShazLocate! Abusing CVE-2019-8791 & CVE-2019-8792 |
Insecure deeplink
Information disclosure
Android |
Google
Apple |
Ashley King (@AshleyKingUK) |
Bug Bounty | 2021-01-17 | 2023-06-13 |
| 2161 | Auth Bypass in Google Assistant |
Insecure deeplink |
Google |
David Schütz (@xdavidhu) |
Bug Bounty | 2021-10-10 | 2023-06-13 |
| 2081 | Impact of an Insecure Deep Link |
Insecure deeplink |
CafeBazaar |
Yashar Shahinzadeh (@YShahinzadeh) |
Bug Bounty | 2021-11-13 | 2023-06-13 |
| 1902 | Facebook room deep linking vulnerability, allow malicious user to know the code for anyone’s meeting. |
Insecure deeplink
Android |
NA |
Quel (@RootIntrud3r) |
Bug Bounty | 2022-01-21 | 2023-06-13 |
| 1552 | Impact of an Insecure DeepLink |
Insecure deeplink
Android |
CafeBazaar |
Yashar Shahinzadeh (@YShahinzadeh) |
Bug Bounty | 2022-05-16 | 2023-06-13 |
| 1149 | Vulnerability in TikTok Android app could lead to one-click account hijacking |
Insecure deeplink
Android |
TikTok |
Microsoft 365 Defender Research Team |
Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1034 | Shopping App Deeplink Arbitrary URLs |
Insecure deeplink
Android |
NA |
Neil Mark Ochea (@nmochea) |
Bug Bounty | 2022-09-25 | 2023-06-13 |
| 983 | Gcash Vulnerability Walkthrough |
Android
Insecure deeplink
Insecure intent |
Gcash |
Neil Mark Ochea (@nmochea) |
Bug Bounty | 2022-10-10 | 2023-06-13 |
| 787 | Account Takeover in KAYAK |
Account takeover
Android
Insecure deeplink |
KAYAK |
Carlos Bello |
Bug Bounty | 2022-11-23 | 2023-06-13 |
| 584 | 2022 Microsoft Teams RCE |
RCE
Insecure deeplink
Webview |
Microsoft |
@adm1nkyj1 |
Bug Bounty | 2023-01-16 | 2023-06-13 |
| 563 | Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) |
Android
Insecure intent
Insecure deeplink
URL validation bypass |
Samsung |
Ken Gannon (@Yogehi) |
Bug Bounty | 2023-01-20 | 2023-06-13 |
| 311 | How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw |
Insecure deeplink
Android
Account takeover |
NA |
Crisdeo Nuel Siahaan |
Bug Bounty | 2023-03-13 | 2023-06-13 |
