489 matches found
CVE-2019-15378
The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGARay600/ELUGARay600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the...
CVE-2019-15376
The Panasonic Eluga Ray 530 Android device with a build fingerprint of Panasonic/ELUGARay530/ELUGARay530:8.1.0/O11019/1531828974:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the...
CVE-2019-15352
The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify...
CVE-2019-15373
The Symphony i95 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to...
CVE-2019-15371
The Symphony G100 Android device with a build fingerprint of Symphony/G100/G100:8.1.0/O11019/1530618779:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system...
CVE-2019-15333
The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z1:8.1.0/O11019/1536680131:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmaticall...
CVE-2019-15336
The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61Turbo/Z61Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.31) that allows any app co-located on the device to...
CVE-2025-0895
IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device to obtain sensitive information from debugging code log messages...
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive...
CVE-2025-20060
An attacker could expose cross-user personal identifiable information (PII) and personal health information transmitted to the Android device via the Dario Health application database...
CVE-2025-0895
CVE-2025-0895 affects IBM Cognos Analytics Mobile (Android) 1.1. The issue allows information disclosure via debugging code log messages when a user has physical access to the device. Root cause is exposure of sensitive data in debug logs. According to IBM’s Security Bulletin, remediation is to u...
CVE-2020-8913
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of...
CVE-2024-10382 Arbitrary Code execution in Car App Android Jetpack Library
There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to...
Migration of Android Devices registered via GCM to FCM
There is no automatic update from Azure Notification Hub or Google Push Notification Service to migrate Android clients from the FCM legacy protocol to the latest FCMv1 protocol. As a result, affected users will need to manually re-register their devices with NetScaler Gateway. Please refer to th...
CVE-2024-7448
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must...
CVE-2024-7448 Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must...
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must acquire data from a malicious mobile device. The specific flaw exists within the...
CVE-2024-6295 udn News App - Insecure Data Storage
udn News Android APP stores the unencrypted user session in the local database when the user logs into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by udn...