Lucene search
K

53 matches found

Fedora
Fedora
added 2024/03/07 10:33 p.m.24 views

[SECURITY] Fedora 40 Update: enjarify-1.0.3-35.fc40

Android applications are Java programs that run on a customized virtual machine, which is part of the Android operating system, the Dalvik VM. Their bytecode differs from the bytecode of normal Java applications. Enjarify can translate the Dalvik bytecode back to equivalent Java bytecode, which...

8.8CVSS6.8AI score0.02578EPSS
Exploits3
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.4 views

Lenovo Browser Code Injection Vulnerability

Lenovo Browser is a browser from the Chinese company Lenovo. It is used to locate, retrieve and display content on the World Wide Web. A code injection vulnerability exists in Lenovo Browser Mobile V9.1.3.1 and earlier versions, Lenovo Browser HD Apps for Android V2.1.4.1 and earlier versions,...

7.5CVSS6.9AI score0.00528EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2023/10/31 11:0 a.m.31 views

Arid Viper disguising mobile spyware as updates for non-malicious Android applications

Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat APT group targeting Arabic-speaking Android users. In this campaign, the actors leverage custom mobile malware, also known as Android Package files APKs, ...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2023/06/02 5:15 p.m.52 views

CVE-2023-25749

Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. This bug only affects Firefox for Android. Other version...

4.3CVSS6.8AI score0.00384EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/02 12:0 a.m.33 views

CVE-2023-25749

Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. This bug only affects Firefox for Android. Other version...

6.1AI score0.00384EPSS
Exploits0References2
NVD
NVD
added 2022/04/22 9:15 p.m.11 views

CVE-2021-3898

Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker...

6.8CVSS0.0044EPSS
Exploits0References1
Prion
Prion
added 2022/04/22 9:15 p.m.21 views

Code injection

Versions of Motorola Ready For and Motorola Device Help Android applications prior to 2021-04-08 do not properly verify the server certificate which could lead to the communication channel being accessible by an attacker...

4.3CVSS6.4AI score0.0044EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.4 views

Samsung ApkInstaller 安全漏洞

Samsung ApkInstaller is a tool from Samsung, a South Korean company, for installing Apk files from Android memory cards. It is used to install Apk files from Android memory cards.An authorization issue vulnerability exists in the dynamic receiver in Samsung ApkInstaller, which stems from a lack o...

7.9CVSS5.8AI score0.0012EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/22 6:7 a.m.2 views

Android Apps developed using Yappli fails to restrict custom URL schemes properly

Overview Yappli provided by Yappli, Inc. is an application development platform. Android Apps that are developed with Yappli provide the function to access a requested URL using Custom URL Scheme. The access to the function is not restricted properly CWE-939 which may be exploited to direct the A...

8.1CVSS6.4AI score0.00842EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2020/10/08 7:46 p.m.42 views

RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims

Researchers with White Ops have uncovered a scam to deliver millions of out-of-context OOC ads through a group of more than 240 Android applications on the official Google Play store, which the team said were collectively delivering more than 15 million impressions per day at their peak. The apps...

7.2AI score
Exploits0References5
OSV
OSV
added 2020/09/04 5:57 p.m.19 views

GHSA-C6PW-Q7F2-97HV Privilege Escalation in cordova-plugin-inappbrowser

Versions of cordova-plugin-inappbrowser prior to 3.1.0 are vulnerable to Privilege Escalation. A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI. This affects Cordova Android...

9.8CVSS9.2AI score0.0783EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2020/08/09 8:6 p.m.1149 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Google Chrome

CVE-2020-6514 The exploit When writing the exploit, I origina...

6.5CVSS8.7AI score0.0779EPSS
Exploits6
GoogleProjectZero
GoogleProjectZero
added 2020/08/06 12:0 a.m.59 views

Exploiting Android Messengers with WebRTC: Part 3

Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in WebRTC. CVE-2020-6514 discussed in the blog post was fixed on July 14 with these CLs.This series highlights what can go wrong when applications don't apply WebRTC...

6.5CVSS8AI score0.0779EPSS
Exploits6
HackRead
HackRead
added 2019/01/09 5:40 p.m.17 views

9 million users installed 85 adware infected apps from Play Store

By Uzair Amir Google has now removed all 85 Adware from Play Store. Reportedly, 85 Android applications on Google Play Store were discovered to be sending dangerous, full-screen adware to users. These apps collectively have been installed approx. 9 million times across the world. It is identified...

2AI score
Exploits0
OSV
OSV
added 2018/09/18 9:29 p.m.6 views

CVE-2018-16225

The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android, which results in an attacker being able to reuse cookies to bypass authentication and...

6.5CVSS5.7AI score0.00616EPSS
Exploits1References2
Kitploit
Kitploit
added 2018/05/31 10:39 p.m.50 views

ReverseAPK - Quickly Analyze And Reverse Engineer Android Packages

Quickly analyze and reverse engineer Android applications. FEATURES: Displays all extracted files for easy reference Automatically decompile APK files to Java and Smali format Analyze AndroidManifest.xml for common vulnerabilities and behavior Static source code analysis for common vulnerabilitie...

7.8AI score
Exploits0References1
Lenovo
Lenovo
added 2017/10/18 12:0 a.m.15 views

Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability - Lenovo Support US

No description provided...

9AI score
Exploits0
OSV
OSV
added 2017/05/12 6:29 p.m.4 views

CVE-2016-4839

The Android Apps Money Forward prior to v7.18.0, Money Forward for The Gunma Bank prior to v1.2.0, Money Forward for SHIGA BANK prior to v1.2.0, Money Forward for SHIZUOKA BANK prior to v1.4.0, Money Forward for SBI Sumishin Net Bank prior to v1.6.0, Money Forward for Tokai Tokyo Securities prior...

5.5CVSS5.8AI score0.01661EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2017/05/03 5:39 a.m.17 views

Hundreds of Apps Using Ultrasonic Signals to Silently Track Smartphone Users

Your smartphone may have some apps that are continuously listening inaudible, high-frequency ultrasonic sounds from your surroundings and they know where you go, what you like and dislike — all without your knowledge. Ultrasonic Cross-Device Tracking is a new technology that some marketers and...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/09/15 12:0 a.m.59 views

Adobe AIR <= 22.0.0.153 Android Applications Runtime Analytics MitM (APSB16-31)

The version of Adobe AIR installed on the remote Windows host is prior or equal to version 22.0.0.153. It is, therefore, affected by a man-in-the-middle MitM vulnerability due to the cleartext transmission of runtime analytics for AIR applications on Android. A MitM attacker can exploit this to...

7.5CVSS7.4AI score0.03803EPSS
Exploits0References2
Rows per page
Query Builder