UnionPay Data Forgery Issue Vulnerability

UnionPay is an application system of China UnionPay Corporation UnionPay. A data forgery issue vulnerability exists in UnionPay for android versions prior to 3.4.93.4.9, which stems from not properly verifying cryptographic signatures, and can be exploited by an attacker to make free purchases on...

CVE-2020-0456

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170378843...

CVE-2020-0452

In exifentrygetvalue of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for...

CVE-2020-5667

Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

About the security content of Apple Music 3.4.0 for Android - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Android Security Bulletin—October 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2020-10-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Google Android Information Disclosure Vulnerability (CNVD-2020-53767)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android version 11. The vulnerability originates from ActivityManager and can be exploited by an attacker to obtain sensitive information...

Android Security Bulletin—September 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2020-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Google Android WhatsApp Information Disclosure Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA.System is one of the system components.Email is one of the email components.WhatsApp is a set of mobile applications that utilize the web to deliver text messages from Google and the Open Handheld...

Google Android Framework Information Disclosure Vulnerability (CNVD-2020-44372)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the Framework component of Google Android 10, which can be exploited by attackers to obtain information...

Google Android Framework Remote Code Execution Vulnerability (CNVD-2020-45107)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA, of which Framework is a component of the Android framework. A security vulnerability exists in Framework in Android version 10. An attacker can exploit the vulnerability to execute code...

Android Security Bulletin—August 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2020-08-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

DuckDuckGo Application Information Disclosure Vulnerability

DuckDuckGo application is a privacy web browser application for mobile by DuckDuckGo Inc. in the United States. A security vulnerability exists in DuckDuckGo application version 5.58.0 and earlier Android and version 7.47.1.0 and earlier iOS. The vulnerability stems from a configuration or other...

CVE-2020-0141

In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition. This could lead to remote information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...

Google Android runtime elevation of privilege vulnerability (CNVD-2020-46269)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Android runtime is one of the runtime environments. A security vulnerability exists in Android runtime in Android version 10. The vulnerability can be exploited by an attacker to elevat...

Google Android Framework Privilege Bypass Vulnerability (CNVD-2020-46323)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA, of which Framework is a component of the Android framework. A security vulnerability exists in Framework in Android version 10. An attacker can exploit the vulnerability to elevate privileges...

Google Android Framework Privilege Bypass Vulnerability (CNVD-2020-46321)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA, of which Framework is a component of the Android framework. A security vulnerability exists in Framework in Android version 10. An attacker can exploit the vulnerability to elevate privileges...

Google Android Media Framework Resource Management Error Vulnerability (CNVD-2020-46319)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A security vulnerability exists in Media Framework in Android version 10. The vulnerability can be exploited by an...

Google Android Media Framework Out-of-Bounds Read Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A security vulnerability exists in Media Framework in Android version 10. The vulnerability can be exploited by an...

Google Android Media Framework Out-of-Bounds Write Vulnerability (CNVD-2020-46273)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A security vulnerability exists in Media Framework in Android version 10. The vulnerability can be exploited by a remote...