CVE-2017-0306

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

How to Enable App Interaction Between XenMobile Secure Mail and Microsoft Office Apps

This document will help you understand how the XenMobile managed Secure Mail application will use Microsoft Office application to open the attachments in a controlled and secured manner. Environment Machine| Details ---|--- Active Directory| Win 2012 Certificate Authority| NA SQL Database| MS SQL...

UBUNTU-CVE-2016-8476

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

Google Android Qualcomm Fuse File System Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, of which Qualcomm Fuse file is a user-space file system. A denial of service vulnerability exists in the Google Android Qualcomm Fuse File System. A remote attacker can exploit thi...

CVE-2016-8434

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2016-8395

A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent denial of service...

CVE-2016-6764

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID:...

Unable to enroll more than two devices per user to XenMobile Server

When trying to enroll an iOS device with an user account that already has 2 devices enrolled, the enrollment would fail during the 2nd profile installation, with the following error message :Profile installation failed -A connection to the server could not be established On Android, the same...

CVE-2016-3901

Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm...

UBUNTU-CVE-2016-3865

The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389...

Error: "SHTP0003: A required parameter is missing. User or Password missing" on Secure Hub

We have a XenMobile environment and we can enroll iOS devices and deploy applications successfully. However, when we use an Android device, the enrollment completes successfully, but applications will not install. On the Android device the applications are greyed out with a spinner and there is a...

UBUNTU-CVE-2015-8939

drivers/video/msm/mdp4util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 2013 devices does not validate r stages, g stages, or b stages data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28398884 and Qualcomm internal bug...

Android Device Manager - External URLs, Suspicious files, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Android Device Manager published at the 'play' market has multiple vulnerabilities...

2015 Google Android Security Report

Last year was a landmark time for Android security. Google dealt with a major vulnerability in Stagefright, launched a monthly patch release and vulnerability rewards program, and continued to chip away at the number of malicious applications that find their way onto devices. Given all of that...

Coinbase: Session Issue Maybe Can lead to huge loss [CRITICAL]

Hey Coinbase, I have some found some sessions issues linking your web and the coinbase wallet means the android application, So as the user authenticates from the android app An android device linked is shown on this page : https://www.coinbase.com/settings/securitysettings POC: 1 Open android ap...

This Malware Can Secretly Auto-Install any Android App to Your Phone

Own an Android Smartphone? Hackers can install any malicious third-party app on your smartphone remotely even if you have clearly tapped a reject button of the app. Security researchers have uncovered a trojanized adware family that has the capability to automatically install any app on an Androi...

Lost Your Phone? Google Search 'Find My Phone' To Locate It

How many of you have an issue to forget your mobile phones? I guess, most of us. Sometimes in our homes, sometimes in our offices, sometimes in our cars and sometimes we even don’t remember the exact place where we left our phones. Now, Finding your phone is as simple as searching something on...

AirDroid Web Application Hijacking Vulnerability Patched

AirDroid has patched an authentication flaw in its web application that could allow an attacker to remotely control and manipulate a victim’s Android device. AirDroid, which is similar to Apple’s native iMessage app, allows a user to send SMS messages, make calls, add contacts and more via a...

AppUse - Android Pentest Platform Unified Standalone Environment

AppUse Virtual Machine, developed by AppSec Labs, is a unique and free system, a platform for mobile application security testing in the android environment, and it includes unique custom-made tools. Faster & More Powerful The system is a blessing to security teams, who from now on can easily...

facebook - Grabbing permanent access token which Never expires of your accounts and pages .

The bug is that we can generate access token of our account which have all the permissions that normally a facebook user have that is to read , write , modify ,etc . Note : Permissions are depend on app by Which facebook access token is grabbed . Note: Mainly you can grab only your temporary acce...