1377 matches found
CVE-2017-15998
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network...
CVE-2012-4008
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site...
CVE-2017-15999
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an SHA-1 hash of the password. The attacker can either crack this hash or use it for further attack...
CVE-2011-4865
The Tencent WBlog com.tencent.WBlog 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search keywords via a crafted application...
CVE-2014-8671
Cross-site scripting XSS vulnerability in the GWT Mobile PhoneGap Showcase application for Android allows remote attackers to inject arbitrary web script or HTML via a crafted Bluetooth Device Name field...
CVE-2012-1393
Unspecified vulnerability in the GO SMS Pro com.jb.gosms application 3.72, 4.10, and 4.35 for Android has unknown impact and attack vectors...
CVE-2012-5187
The Weathernews Touch application 2.3.2 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files...
CVE-2012-1476
Unspecified vulnerability in the KKtalk com.kkliaotian.android application 4.0.0 and 4.1.5 for Android has unknown impact and attack vectors...
CVE-2011-4770
The QIWI Wallet ru.mw application before 1.14.2 for Android does not properly protect data, which allows remote attackers to read or modify financial information via a crafted application...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
ByeDPIAndroid - App To Bypass Censorship On Android
Android application that runs a local VPN service to bypass DPI Deep Packet Inspection and censorship. This application runs a SOCKS5 proxy ByeDPI and redirects all traffic through it. Installation Or use Obtainium 1. Install Obtainium 2. Add the app by URL:...
CVE-2025-20975
Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
CVE-2025-20975
Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...
CVE-2025-20975
CVE-2025-20975 describes an improper export of Android application components in Samsung’s AODService, affecting versions prior to 8.8.28.12. The root issue is that components are exportable in a way that can allow a local attacker to launch an arbitrary activity with systemui privileges. Affecte...
CVE-2025-20956
CVE-2025-20956 corresponds to a vulnerability in Galaxy Watch Settings where improper export of Android application components enables physical attackers to access developer settings. The PT Security entry specifies Galaxy Watch versions prior to SMR May-2025 Release 1 as affected and recommends ...
CVE-2025-20955
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images...
CVE-2025-20955
CVE-2025-20955 concerns Samsung Android SMR issues where NotificationHistoryImageProvider improperly exports components, enabling local attackers to access notification images. The vulnerability is described across multiple sources (NVD/Red Hat/CVE lists) as affecting Android components exported ...
PT-2025-20060 · Unknown · Aodservice
Name of the Vulnerable Software and Affected Versions: AODService versions prior to 8.8.28.12 Description: The issue concerns the improper export of Android application components in AODService, allowing local attackers to launch arbitrary activity with systemui privilege. This enables attackers ...
CVE-2025-25983
An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component...