51 matches found
Malicious code in com.google.android.appbundle (npm)
The package com.google.android.appbundle was found to contain malicious code...
Malicious code in com.microsoft.azure.spatial-anchors-sdk.android (npm)
The package com.microsoft.azure.spatial-anchors-sdk.android was found to contain malicious code...
MAL-2025-17324 Malicious code in com.microsoft.azure.spatial-anchors-sdk.android (npm)
The package com.microsoft.azure.spatial-anchors-sdk.android was found to contain malicious code...
CVE-2023-36629
The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read...
CVE-2019-9438
In the Package Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of information about installed packages for other users with no additional execution privileges needed. User interaction is not needed for exploitation. Product...
ROADCAM X3 安全漏洞
ROADCAM X3 is a car recorder with HD quality and easy to carry by ROADCAM. It is used to record the process of driving, and supports video cropping, sharing and other functions. ROADCAM X3 suffers from a security vulnerability that originates from the inclusion of hard-coded FTP credentials in th...
Sylvania Smart Home 安全漏洞
Sylvania Smart Home is a smart home control software from Sylvania. A security vulnerability exists in Sylvania Smart Home version v3.0.3, which stems from incorrect access control during firmware updates and downloads, and could allow an attacker to access sensitive information by analyzing code...
PT-2024-33143 · Ivy Smart · Ivy Smart
Name of the Vulnerable Software and Affected Versions: IVY Smart version 4.5.0 Description: The issue is related to incorrect access control in the firmware update and download processes. This allows attackers to access sensitive information by analyzing the code and data within the APK file...
Neye3C 安全漏洞
Neye3C is an application from Neye3C that connects to cloud cameras and DVRs by logging into the cloud. A security vulnerability exists in Neye3C version v4.5.2.0, which stems from incorrect access control during firmware updates and downloads, and allows an attacker to gain access to sensitive...
CVE-2023-36629
The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read...
CVE-2023-42580
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store...
CVE-2023-21516
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store...
PT-2023-18271 · Samsung · Galaxy Store
Name of the Vulnerable Software and Affected Versions: Galaxy Store versions prior to 4.5.49.8 Description: The issue allows attackers to execute javascript API to install APK from Galaxy Store due to a vulnerable script in InstantPlay. This script can execute javascript in Galaxy Store, enabling...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices Galaxy Store InstantPlay versions prior to 4.5.49.8, which stems from vulnerability to a...
SUSE CVE-2023-30551
Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory OOM conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of...
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the...
CVE-2022-36442
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK...
UBUNTU-CVE-2022-1495
Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page...
F-secure Atlant 安全漏洞
F-secure Atlant is a platform for building applications that can scan and detect malicious files from the Finnish company F-secure. A security vulnerability exists in F-secure Atlant that stems from a scanning of ambiguous APK files that can cause the scanning engine to crash...
The vulnerability of the zlib compression library in the “Avora” operating system allows a hacker to cause a service failure or have an unpredictable impact.
The vulnerability of the zlib compression library in the “Avora” operating system is related to integer overflows. Exploiting this vulnerability can allow attackers to cause service failures or have unpredictable effects using specially crafted .apk or .dex files...