Maharashtra State Electricity Distribution Mahavitaran 代码问题漏洞

Maharashtra State Electricity Distribution Mahavitaran is an official application of Maharashtra State Electricity Distribution, India. A security vulnerability exists in the Mahavitaran android application version 7.50 and earlier, which stems from improper OTP authentication subject to account...

Huawei HarmonyOS 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to incorrect privileges. An attacker can exploit this vulnerability to affect service availability...

Android 12 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 12. Android 12 devices with a security patch level of 2021-10-01 or later are protected against these issues Android 12, as released on AOSP, will have...

UBUNTU-CVE-2021-31319

Telegram Android 7.1.0 2090, Telegram iOS 7.1, and Telegram macOS 7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious...

Wire 代码问题漏洞

Wire is a chat software by an individual developer. The program supports Web, WindowsiOS, Android, and OS X platforms, has a group feature, allows voice calls, sends photos, and its original greeting method, PING. Wire suffers from a security vulnerability. An attacker can pass a malicious payloa...

The vulnerability of Firefox ESR browser for Android operating systems, related to the lack of restrictions on file downloads, allows attackers to compromise the confidentiality of protected information.

The vulnerability of Firefox ESR browser for Android operating systems is related to the lack of restrictions on file downloads. Exploiting this vulnerability can allow attackers to compromise the confidentiality of protected information...

Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems

Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with...

WebView Vulnerability in X Browser

X Browser is a mobile browser for the Android platform. X Browser has a WebView vulnerability that can be exploited by an attacker to execute JS code across domains and take full control of a user's browser...

CVE-2021-0317

In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10...

CVE-2020-0396

In various places in Telephony, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10...

Security Bulletin: A Security Vulnerability, exists in the Android platform used by the Cordova tools in Rational Software Architect for WebSphere Software (CVE-2015-1835)

Summary A security vulnerability, CVE-2015-1835, has been discovered that affects the Android platform used by the Cordova tools in Rational Software Architect for WebSphere Software. Vulnerability Details CVEID: CVE-2015-1835 DESCRIPTION: The Apache Cordova could allow a remote attacker to execu...

Mozilla Firefox ESR Code Issue Vulnerability

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR versions prior to 68.11 for Android-based platforms. The vulnerability can be exploited by an attacker with the help o...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-38179)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to cause information leakage...

CVE-2020-0209

In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145206842...

Cybozu Mailwise for Android Information Disclosure Vulnerability

Cybozu Mailwise for Android is an e-mail client application based on the Android platform from Cybozu. An information disclosure vulnerability exists in Cybozu Mailwise versions 1.0.0 to 1.0.1 for Android. The vulnerability originates from an error such as a configuration error in the network...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-30173)

Android is a Linux-based open-source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A buffer overflow vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to cause a buffer overflow...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-40823)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a security vulnerability that can be exploited by attackers to execute arbitrary code on the system...

Samsung Mobile Device Authorization Issue Vulnerability (CNVD-2020-34737)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. Samsung mobile devices have an authorization issue vulnerability that can be exploited by attackers to access developer options...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-40857)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A security vulnerability exists in Samsung mobile devices, which can be exploited by attackers to perform arbitrary write operations to protected memory...

CVE-2020-8988

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers after using root access to make a copy of the local database to discover login credentials and voting history via an offline brute-force approach...