Do Privacy Policies Match with the Logs? an Empirical Study of Privacy Disclosure in Android Application Logs

Privacy policies are intended to inform users about how software systems collect and handle data, yet they often remain vague or incomplete. This paper presents an empirical study of patterns in log-related statements within privacy policies and their alignment with privacy disclosures observed i...

CVE-2023-25749

Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. This bug only affects Firefox for Android. Other version...

CVE-2020-12856

OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used...

EUVD-2014-0833

Malware in sbrugna...

EUVD-2014-9107

Malware in sbrugna...

EUVD-2011-4782

Malware in sbrugna...

EUVD-2020-1761

Malware in sbrugna...

EUVD-2017-2545

Malware in sbrugna...

EUVD-2012-2621

Malware in sbrugna...

EUVD-2020-4310

Malware in sbrugna...

EUVD-2014-0836

Malware in sbrugna...

EUVD-2023-29656

Malicious code in bioql PyPI...

EUVD-2024-1332

Malicious code in bioql PyPI...

EUVD-2024-35236

Malicious code in bioql PyPI...

CVE-2012-5179

The Boat Browser application before 4.2 and Boat Browser Mini application before 3.9 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application...

CVE-2012-1474

Unspecified vulnerability in the Youni SMS com.snda.youni application 2.1.0c and 2.1.0d for Android has unknown impact and attack vectors...

CVE-2012-2635

The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application...

CVE-2012-2646

The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application...

CVE-2012-4006

The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before...

The vulnerability of the software for integrating Emarsys functions into Android mobile applications lies in its authentication mechanism’s flaws. This allows a hacker to redirect users to any desired URL address.

The vulnerability of the software for integrating Emarsys functions into Android mobile applications is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a hacker to redirect users to any desired URL address...