CVE-2022-33300 Improper input validation in Automotive Android OS

Memory corruption in Automotive Android OS due to improper input validation...

CVE-2022-33300 Improper input validation in Automotive Android OS

Memory corruption in Automotive Android OS due to improper input validation...

PT-2023-13304 · Google · Automotive Android Os

Name of the Vulnerable Software and Affected Versions: Automotive Android OS affected versions not specified Description: The issue is related to memory corruption in Automotive Android OS caused by improper input validation. Recommendations: At the moment, there is no information about a newer...

Google Android OS和unisoc部分产品安全漏洞

Google Android is a set of Linux-based open source operating system by the American company Google Google. A security vulnerability exists in some Google Android OS and unisoc products, which stems from a lack of permission checking in the messaging service, leading to a local denial of service...

Google Android OS和unisoc部分产品安全漏洞

Google Android is a set of Linux-based open source operating system by the American company Google Google. A security vulnerability exists in some Google Android OS and unisoc products, which stems from a lack of permission checking in the messaging service, leading to a local denial of service...

Google Android OS和unisoc部分产品缓冲区错误漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in some Google Android OS and unisoc products, which stems from a lack of bounds checking in the wlan driver, leading to a local denial of service...

CVE-2022-20475

In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

Design/Logic Flaw

Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not protected by broadcastPermission allowing malicious apps to monitor communication. It is recommended that the Nextcloud Talk Android is upgraded to 14.1.0. There are...

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems CMS, web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...

HUAWEI EMUI 安全漏洞

Huawei Emui is a mobile operating system developed on Android. Huawei Emui is vulnerable to a configuration flaw that could be exploited by attackers to compromise usability...

CVE-2021-44751

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In mos...

Design/Logic Flaw

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In mos...

CVE-2021-44751 F-Secure SAFE Browser vulnerable to USSD attacks

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In mos...

CVE-2021-44751

The CVE describes a vulnerability in the F-Secure SAFE browser where a malicious website containing USSD code via JavaScript or an iframe can trigger the browser’s dialer. This could allow an attacker to send USSD messages or initiate calls. The impact notes that on most modern Androids the diale...

CVE-2021-38591

An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883. Attackers can change some of the NvRAM content by leveraging the misconfiguration of a debug command. The LG ID is LVE-SMP-210005 August 2021...

CVE-2021-38591

CVE-2021-38591 affects LG mobile devices running Android P/Q on mt6762/mt6765/mt6883. Root cause: misconfiguration of a debug command that allows attackers to modify NvRAM content. Documented impact is limited to NvRAM manipulation; no exploit details or in‑the‑wild data are provided. No remediat...

Huawei EMUI/Magic UI Input Validation Vulnerability (CNVD-2021-64495)

Huawei Emui is a mobile operating system developed on Android. Huawei Magic UI is the operating system for Honor phones. Huawei EMUI/Magic UI has an input validation vulnerability that can be exploited by attackers to cause random address access...

Unspecified vulnerability in Wire wire-ios

Wire is a chat software by an individual developer. The program supports Web, WindowsiOS, Android, and OS X platforms, has a group feature, allows voice calls, sends photos, and its original way of saying hello, PING. Wire wire-ios has a security vulnerability that can be exploited by attackers t...

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems MSM that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. "If exploited, the vulnerability would...

CVE-2021-30161

An issue was discovered on LG mobile devices with Android OS 11 software. Attackers can bypass the lockscreen protection mechanism after an incoming call has been terminated. The LG ID is LVE-SMP-210002 April 2021...