Huawei nova youth edition phone elevation of privilege vulnerability

Huawei nova youth edition is a smartphone device by Chinese company Huawei Huawei. An elevation of privilege vulnerability exists in the Huawei nova Youth Edition phone. Due to improper authorization of a specific process, an attacker who has already obtained root privileges on the phone's Androi...

Google Android System UI Remote Code Execution Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA for short. System UI is the system interface that comes with Android. A remote code execution vulnerability exists in System UI in Android versions 7.1.1 and 7.1.2. A remote attack...

CVE-2017-0609

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

Security Advisory - Buffer Overflow Vulnerability in Driver of Huawei Smart Phone

The camerafs driver of some Huawei products has buffer overflow vulnerability due to the lack of input validation. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the smart phone...

Security Advisory - Plaintext Storage of Users’ Safe Passwords in the Files APP in Huawei Mobile Phones

The Files APP in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak. Vulnerability ID: HWPSIRT-2017-03222 Th...

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Bastet of Huawei Smart Phone

The Bastet of some Huawei mobile phones have three buffer overflow vulnerabilities due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the...

Android Dialog Denial of Service Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A denial of service vulnerability exists in the Android system dialog. The vulnerability is caused by the system-level Intent mechanism "android.intent.action.CLOSESYSTEMDIALOGS" in...

Adups Local Elevation of Privilege Vulnerability

Adups Fota is a professional wireless upgrade solution for IoT devices smart car, wearable, home, VR, etc. from Shanghai Guangsheng Information Technology Co. Adups suffers from a local elevation of privilege vulnerability. The vulnerability is caused by setting the android: sharedUserId attribut...

Android System Setting and Bluetooth Connection Denial of Service Vulnerabilities

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A denial of service vulnerability exists in Android System Setting and Bluetooth Connection. The vulnerability is caused by the system-level Intent mechanism...

CVE-2017-0504

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

Security Advisory - Buffer Overflow Vulnerability in the Boot Loaders of Huawei Mobile Phones

The boot loaders of some Huawei mobile phones have a buffer overflow vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the...

Security Advisory - Buffer Overflow Vulnerability in Driver of Huawei Smart Phone

The ddrdevfreq driver of some Huawei products has buffer overflow vulnerability due to the lack of a parameters check. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to...

Security Advisory - E-mail Information Leak Vulnerability in Android System

The Security Bulletin describes an E-mail Information Leak Vulnerability in Android System discovered by Google CVE-2016-3918. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to obtain information in the...

Simple App to-end security vulnerability of the backup function is enabled and a local denial of service vulnerability-vulnerability warning-the black bar safety net

The last description about the App end to sensitive information leaks, then the App end what security vulnerability is worth the developers food for thought and attention? When an App installed in A mobile phone, the user Joe Smith to login through the App, the login data is stored in the mobile...

UBUNTU-CVE-2016-6707

An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local...

Google Android System UI Local Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. system UI is the system interface that comes with Android. A local elevation of privilege vulnerability exists in System UI in Android 7.0. A local attacker can exploit this...

Android development APP end common security vulnerability interpretation-sensitive information disclosure vulnerability-vulnerability warning-the black bar safety net

As is known, Android system because of its open-source, open, flexible feature allows the smartphone industry with the rapid progress, the cut-off 2 0 1 5 in the fourth quarter, Android smartphone market share reached 8 0. 7%, but at the same time, Android Open, Open Source advantage from another...

Samsung Galaxy S4-S7 Device Denial of Service Vulnerability

The Samsung Galaxy S4 and others are smart mobile devices released by the South Korean company Samsung Samsung. A denial of service vulnerability exists in Samsung Galaxy S4 to S7 devices. An attacker can exploit the vulnerability to cause a sustained Android system crash, rendering the device...

Android Qualcomm DMA Component Information Disclosure Vulnerability (CNVD-2016-07470)

Android is a cell phone operating system based on the Linux open kernel. On Nexus 6 devices, an information disclosure vulnerability exists in the Qualcomm DMA component in versions of Android prior to 2016-09-05, which can be exploited by a remote attacker with a constructed application to cause...

CVE-2016-3886

systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attackers to gain privileges by modifying a setting, aka internal bug 30107438...