404 matches found

OSV
added 2025/03/08 12:15 a.m. · 4 views

CVE-2025-27839

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation genuineness check that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible...

CVSS 3.2 · AI score 6.9 · EPSS 0.00339
Exploits: 0 · References: 3
NVD
added 2025/03/04 2:15 p.m. · 8 views

CVE-2025-1940

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user into launching an external app unexpectedly. This issue only affects Android versions of Firefox. This vulnerability was fixed in Firefox 136...

CVSS 7.1 · EPSS 0.0023
Exploits: 0 · References: 2
RedhatCVE
added 2025/02/07 6:6 p.m. · 20 views

CVE-2025-20897

Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Android 13, and 1.7.04.0 in Android 12 allows local attacker to access data in Secure Folder...

CVSS 6.8 · AI score 6.5 · EPSS 0.00141
Exploits: 0 · References: 1
Malwarebytes
added 2024/11/15 4:25 p.m. · 8 views

Malicious QR codes sent in the mail deliver malware

Physical letters that contain a QR code to trick people into downloading malware are being sent through the mail, according to a warning issued by the Swiss National Cyber Security Centre (NCSC). The letters are sent as if they come from the official Swiss Federal Office of Meteorology and...

AI score 7
Exploits: 0
SUSE CVE
added 2024/06/05 10:9 a.m. · 2 views

SUSE CVE-2023-28999

Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files,...

CVSS 6.9 · AI score 6.2 · EPSS 0.00678
Exploits: 1 · References: 3
Positive Technologies
added 2024/03/13 12:0 a.m. · 5 views

PT-2024-21898 · Toyoko Inn · Toyoko Inn Official App For Android +1

Name of the Vulnerable Software and Affected Versions: Toyoko Inn official App for iOS versions prior to 1.13.0 Toyoko Inn official App for Android versions prior to 1.3.14 Description: The issue arises from the improper verification of server certificates, allowing a man-in-the-middle attacker t...

CVSS 4.8 · AI score 6.3 · EPSS 0.00224
Exploits: 0 · References: 4
CNNVD
added 2024/02/05 12:0 a.m. · 2 views

Quick Reboot Security Vulnerability

Quick Reboot is an application for Android. A security vulnerability exists in Quick Reboot version 1.0.8, which stems from a lack of input validation and leaves the receiver vulnerable to unauthorized broadcasts...

CVSS 7.5 · AI score 6.8 · EPSS 0.0077
Exploits: 1 · References: 3
Vulnrichment
added 2024/01/26 7:7 a.m. · 3 views

CVE-2024-23388

Improper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack...

AI score 6.9 · EPSS 0.00385
Exploits: 0 · References: 1
The Hacker News
added 2024/01/08 2:4 p.m. · 38 views

Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals

Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that's equipped to bypass security software and stealthily launch hidden applications. "The developers operate on multiple hacker forums and social media platforms, showcasing an...

AI score 7.6
Exploits: 0
Prion
added 2023/12/19 2:15 p.m. · 22 views

Design/Logic Flaw

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...

CVSS 4.3 · AI score 6.4 · EPSS 0.0038
Exploits: 0 · References: 3 · Affected Software: 1
Positive Technologies
added 2023/12/13 12:0 a.m. · 3 views

PT-2023-28870 · Zoom · Zoom Mobile App For Android +3

Name of the Vulnerable Software and Affected Versions: Zoom Mobile App for Android versions prior to 5.16.0 Zoom Mobile App for iOS versions prior to 5.16.0 Zoom SDKs for Android versions prior to 5.16.0 Zoom SDKs for iOS versions prior to 5.16.0 Description: The issue is related to cryptographic...

CVSS 4.9 · AI score 6.6 · EPSS 0.00567
Exploits: 0 · References: 10
Positive Technologies
added 2023/09/10 12:0 a.m. · 3 views

PT-2023-27231 · Google · Android

Name of the Vulnerable Software and Affected Versions: MyCrops HiGrade "THC Testing & Cannabi" application version 1.0.337 Description: An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application for Android, where a remote attacker can start the camera feed via the...

CVSS 5.3 · AI score 5 · EPSS 0.00492
Exploits: 0 · References: 6
OSV
added 2023/08/01 11:15 p.m. · 1 views

CVE-2023-36351

An issue in Viatom Health ViHealth for Android v.2.74.58 and before allows a remote attacker to execute arbitrary code via the com.viatom.baselib.mvvm.webWebViewActivity component...

CVSS 7.8 · AI score 6.1 · EPSS 0.00715
Exploits: 1 · References: 2
OSV
added 2023/06/28 6:15 p.m. · 6 views

CVE-2023-21173

In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVSS 5.5 · AI score 5.9 · EPSS 0.00109
Exploits: 0 · References: 1
Positive Technologies
added 2023/06/28 12:0 a.m. · 10 views

PT-2023-17976 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version 13 Description: A logic error in the LockTaskController.java code allows for a possible bypass of lock task mode. This could lead to local escalation of privilege with no additional execution privileges needed, requiring user...

CVSS 7.3 · AI score 7.4 · EPSS 0.00085
Exploits: 0 · References: 2
Positive Technologies
added 2023/06/28 12:0 a.m. · 4 views

PT-2023-17975 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In the btm_ble_update_inq_result function of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution...

CVSS 4.4 · AI score 4.5 · EPSS 0.00097
Exploits: 0 · References: 4
Positive Technologies
added 2023/06/28 12:0 a.m. · 5 views

PT-2023-17998 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to Android-13 Description: The issue is related to unsafe deserialization in multiple functions of sta_iface.cpp, which could lead to a possible out of bounds read. This could result in local escalation of privilege, wi...

CVSS 6.7 · AI score 6.6 · EPSS 0.00106
Exploits: 0 · References: 2
Positive Technologies
added 2023/06/28 12:0 a.m. · 3 views

PT-2023-17957 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the inviteInternal function of p2p_iface.cpp due to a missing bounds check. This could lead to local information disclosure, requiring System...

CVSS 4.4 · AI score 4.3 · EPSS 0.00093
Exploits: 0 · References: 2
Positive Technologies
added 2023/06/28 12:0 a.m. · 2 views

PT-2023-17972 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a logic error in the code of CarrierPrivilegesTracker.java, specifically in the getCurrentPrivilegedPackagesForAllUsers function. This error can lead to a permission bypass,...

CVSS 7.8 · AI score 7.5 · EPSS 0.00101
Exploits: 0 · References: 2
Positive Technologies
added 2023/06/28 12:0 a.m. · 3 views

PT-2023-17984 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the btm_ble_batchscan_filter_track_adv_vse_cback function of btm_ble_batchscan.cc due to a missing bounds check. This could lead to local...

CVSS 4.4 · AI score 4.2 · EPSS 0.00094
Exploits: 0 · References: 3