The vulnerability of the application for obtaining Intel Support information for Android, related to the improper use of standard permissions, allows a perpetrator to gain unauthorized access to information.

The vulnerability of the application for obtaining Intel Support information for Android relates to the improper use of standard permissions. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to information...

CVE-2023-36351

An issue in Viatom Health ViHealth for Android v.2.74.58 and before allows a remote attacker to execute arbitrary code via the com.viatom.baselib.mvvm.webWebViewActivity component...

PT-2023-18040 · Google · Android

Name of the Vulnerable Software and Affected Versions: OneTimePermissionUserManager.java affected versions not specified Description: The issue is caused by a logic error in the code of OneTimePermissionUserManager.java, specifically in the getCurrentState method. This error allows one-time...

CVE-2023-29743

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent denial of service attack by manipulating the database...

DUALSPACE 安全漏洞

DUALSPACE is an application dual-opening tool for the Android platform. A security vulnerability exists in DUALSPACE version 1.1.3, which originated from allowing a local attacker to gain privileges via the keyadnewuseravoidtime field...

SUSE CVE-2010-1807

WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted HTML document, related...

SUSE CVE-2013-0644

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 o...

SUSE CVE-2013-0790

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service stack memory corruption and application crash or possibly execute arbitrary code via unknown vectors involving a plug-in...

SUSE CVE-2013-3333

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before...

SUSE CVE-2014-0538

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler...

SUSE CVE-2014-6721

The Pharmaguideline aka com.pharmaguideline application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

SUSE CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

SUSE CVE-2016-5219

A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2017-5066

Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page...

SUSE CVE-2017-5110

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page...

Android Security Bulletin—January 2023Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-01-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Leaked Android Platform Certificates Create Risks for Users

On November 30, 2022, a Google apvi report from Łukasz Siewierski initially filed on November 11, 2022 was made public. The report contained 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate — the application signi...

android-tools: Multiple Vulnerabilities

Background android-tools contains Android platform tools adb, fastboot, and mkbootimg. Description Multiple vulnerabilities have been discovered in android-tools. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...

Samsung KnoxCustomManagerService Access Control Error Vulnerability

Samsung KnoxCustomManagerService is an open source Android platform-based security solution from South Korea's Samsung Samsung that can enhance security across the board through a combination of physical means and software systems, while being perfectly compatible with the Android and Google...

Microsoft Defender 安全漏洞

Microsoft Defender is a threat protection software from Microsoft USA. A security vulnerability exists in Microsoft Defender for Endpoint. The following products and versions are affected: Microsoft Defender for Endpoint for Mac,Microsoft Defender for Endpoint for Windows for Windows Server 2012 ...