Shareit

shareit

Vendor: Lenovo • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-4783 1Lenovo 1Shareit May 6, 2026 May 23, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2016-4782 1Lenovo 1Shareit May 6, 2026 May 23, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."
CVE-2016-1492 1Lenovo 1Shareit May 6, 2026 Jan 26, 2016 N/A· v4 6.1 MEDIUM· v3 2.9 LOW· v2 The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within...Show more The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.Show less
CVE-2016-1491 1Lenovo 1Shareit May 6, 2026 Jan 26, 2016 N/A· v4 8.8 HIGH· v3 5.4 MEDIUM· v2 The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position wi...Show more The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.Show less
CVE-2016-1490 1Lenovo 1Shareit May 6, 2026 Jan 26, 2016 N/A· v4 4.1 MEDIUM· v3 2.7 LOW· v2 The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list.
CVE-2016-1489 1Lenovo 1Shareit May 6, 2026 Jan 26, 2016 N/A· v4 8.0 HIGH· v3 4.3 MEDIUM· v2 Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-i...Show more Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.Show less
CVE-2014-1939 2Google Lenovo 2Android Shareit Apr 29, 2026 Mar 3, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by...Show more java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels.Show less