Lucene search
K

488 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-0549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Thi...

7.1CVSS6.3AI score0.00712EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-0639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This...

5.5CVSS6.4AI score0.00454EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-0504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver...

9.3CVSS8.1AI score0.00863EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-20470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This coul...

7.8CVSS7.5AI score0.00182EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-0467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and da...

9.3CVSS8.4AI score0.01422EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-0423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as...

5.3CVSS6.4AI score0.00329EPSS
Exploits0References2
HackRead
HackRead
added 2025/08/29 4:38 p.m.5 views

Fake Facebook Ads Push Brokewell Spyware to Android Users

A Facebook malvertising campaign is spreading the Brokewell spyware to Android users via fake TradingView ads. The malware…...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/27 1:56 p.m.5 views

Developer verification: a promised lift for Android security

To reduce the number of harmful apps targeting Android users, Google has announced that certified Android devices will require all apps to be registered by verified developers in order to be installed. But this new measure is not just about malware that's found on the Google Play Store, it’s main...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-10044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying...

8.8CVSS7.8AI score0.0328EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-5848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the function wmisetie, the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ielen' argument can...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/08 4:23 p.m.5 views

CVE-2025-8393 Dreame Technology iOS and Android Mobile Applications Improper Certificate Validation

A TLS vulnerability exists in the phone application used to manage a connected device. The phone application accepts self-signed certificates when establishing TLS communication which may result in man-in-the-middle attacks on untrusted networks. Captured communications may include user credentia...

8.5CVSS6.5AI score0.00117EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-0510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of th...

9.3CVSS8AI score0.01839EPSS
Exploits3References2
Schneier on Security
Schneier on Security
added 2025/07/23 11:4 a.m.4 views

Google Sues the Badbox Botnet Operators

It will be interesting to watch what will come of this private lawsuit: Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software. These devices lack Google's security...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/20 12:0 a.m.3 views

PT-2025-30192 · Callapp · Callapp Caller Id App

Name of the Vulnerable Software and Affected Versions: CallApp Caller ID App versions up to 2.0.4 Description: A vulnerability exists in CallApp Caller ID App on Android devices. The issue involves improper export of android application components due to manipulation of an unknown function within...

5.3CVSS5AI score0.00219EPSS
Exploits1References10
The Hacker News
The Hacker News
added 2025/07/18 11:3 a.m.5 views

Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices

Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure. "The BADBOX 2.0 botnet compromised over 10 million uncertified devices running...

7.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.5 views

PT-2025-28439 · Qualcomm · Qualcomm Chipsets

Name of the Vulnerable Software and Affected Versions: Qualcomm chipsets versions prior to the fixed version Description: A cryptographic issue occurs due to the use of an insecure connection method while downloading. This issue affects over 100 Qualcomm chipsets used in many Android devices...

9.1CVSS6.3AI score0.00292EPSS
Exploits0References6
NVD
NVD
added 2025/06/27 2:15 a.m.6 views

CVE-2025-6748

A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the...

2.4CVSS0.00097EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/27 1:31 a.m.5 views

CVE-2025-6748 Bharti Airtel Thanks App files cleartext storage in a file or on disk

A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the...

2.4CVSS6.7AI score0.00097EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/06/08 3:16 a.m.22 views

CVE-2025-5715

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

3.8CVSS4.2AI score0.00257EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/06/02 3:12 p.m.10 views

Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN

Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is as follows -...

8.3CVSS7.4AI score0.00185EPSS
Exploits0
Rows per page
Query Builder