
655 matches found

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2023-23513

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 7.3 · EPSS 0.00707
Exploits 7 · References 5

Malwarebytes
added 2025/09/08 7:2 a.m. · 10 views

A week in security (September 1 – September 7)

Last week on Malwarebytes Labs: Nexar dashcam video database hacked; Roblox introduces age checks to use communication features; Give your PC a fresh start: New free tools to boost your PC’s speed, security, and peace of mind; TP-Link warns of botnet infecting routers and targeting Microsoft 365...

AI score 6.8
Exploits 0

Packet Storm News
added 2025/08/29 12:0 a.m. · 4 views

Agentic Discovery and Validation of Android App Vulnerabilities

Existing Android vulnerability detection tools overwhelm teams with thousands of low-signal warnings yet uncover few true positives. Analysts spend days triaging these results, creating a bottleneck in the security pipeline. Meanwhile, genuinely exploitable vulnerabilities often slip through,...

AI score 7.2
Exploits 0

Positive Technologies
added 2025/08/24 12:0 a.m. · 7 views

PT-2025-34562 · Undefined · Undefined

🔥 Android under fire: Two high-severity bugs — CVE-2025-38805 and CVE-2025-38806 — have entered exploit kits. Attackers adapt quickly; don’t be the easy target. Details: https://t.co/tej1yYGlw1 Created by AI. Android ZeroDay...

AI score 6.8
Exploits 0 · References 1

NVD
added 2025/08/06 5:15 a.m. · 10 views

CVE-2025-21016

Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs...

CVSS 4.3 · EPSS 0.00146
Exploits 0 · References 1

Vulnrichment
added 2025/08/06 4:23 a.m. · 7 views

CVE-2025-21016

Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs...

CVSS 4.3 · AI score 6.1 · EPSS 0.00146
Exploits 0 · References 1

Malwarebytes
added 2025/08/05 2:21 p.m. · 19 views

Critical Android vulnerabilities patched—update as soon as you can

Google has patched six vulnerabilities in Android, including two critical vulnerabilities in its August 2025 Android Security Bulletin. It also covers a critical vulnerability which could have allowed an attacker to execute code on a victim's device without the victim needing to do anything at al...

CVSS 8.6 · AI score 8 · EPSS 0.00665
Exploits 3

Gitee
added 2025/07/27 4:17 a.m. · 110 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Android

This repository contains PoC (Proof of Concept) code for the BlueBorne vulnerabilities. The BlueBorne vulnerabilities are a set of vulnerabilities in Bluetooth devices that allow an attacker to remotely execute code on a device. The PoC code is written in Python and uses the PyBluez library to...

CVSS 8.8 · AI score 7.4 · EPSS 0.2285
Exploits 27

NVD
added 2025/07/21 3:15 p.m. · 3 views

CVE-2025-43977

The com.skt.prod.dialer application through 12.5.0 for Android enables any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.skt.prod.dialer.activities.outgoingcall.OutgoingCallInternalBroadcaster component...

CVSS 5.5 · EPSS 0.00136
Exploits 0 · References 3

NVD
added 2025/07/08 11:15 a.m. · 6 views

CVE-2025-21009

Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption...

CVSS 5.5 · EPSS 0.00118
Exploits 0 · References 1

NCSC
added 2025/06/10 7:19 a.m. · 6 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in the Android operating system. Samsung has fixed vulnerabilities relevant to Samsung Mobile in Samsung Mobile. The vulnerabilities are in how the GPU Kernel Drivers handle system calls from non-privileged users. This can lead to unauthorized access to memory,...

CVSS 8.7 · AI score 7 · EPSS 0.00264
Exploits 1 · References 2

Circl
added 2025/06/03 10:9 a.m. · 26 views

CVE-2025-26443

creationtimestamp | type | source
---|---|---
2025-06-03 10:09:50+00:00 | seen | https://threatintel.cc/2025/06/03/over-vulnerabilities-patched-in-android.html
2025-09-06 21:02:27+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3ly734punx72l...

CVSS 7.3 · AI score 5.8 · EPSS 0.00132
Exploits 0 · References 2

RedhatCVE
added 2025/06/01 3:36 p.m. · 5 views

CVE-2024-13915

Android based smartphones from vendors such as Ulefone and Krüger contain "com.pri.factorytest" application preloaded onto devices during manufacturing process. The application "com.pri.factorytest" version name: 1.0, version code: 1 exposes a "com.pri.factorytest.emmc.FactoryResetService" servic...

CVSS 6.9 · AI score 6.6 · EPSS 0.00183
Exploits 0 · References 1

Cvelist
added 2025/05/30 3:9 p.m. · 13 views

CVE-2024-13915 Unrestricted Access to Exported Service in com.pri.factorytest

Android based smartphones from vendors such as Ulefone and Krüger&Matz contain "com.pri.factorytest" application preloaded onto devices during manufacturing process. The application "com.pri.factorytest" version name: 1.0, version code: 1 exposes a "com.pri.factorytest.emmc.FactoryResetService"...

CVSS 6.9 · EPSS 0.00183
Exploits 0 · References 1

RedhatCVE
added 2025/05/23 8:26 a.m. · 9 views

CVE-2024-49404

Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...

CVSS 5.5 · AI score 6.6 · EPSS 0.00158
Exploits 0 · References 1

RedhatCVE
added 2025/05/23 4:1 a.m. · 7 views

CVE-2023-36612

Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application's private directory. Additionally, by using a malicious intent, the attacker may redirect the server's responses containing...

CVSS 7.5 · AI score 6.9 · EPSS 0.00944
Exploits 1

RedhatCVE
added 2025/05/23 1:58 a.m. · 9 views

CVE-2023-42579

Improper usage of insecure protocol i.e. HTTP in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middl...

CVSS 6.5 · AI score 6.9 · EPSS 0.00171
Exploits 0 · References 1

RedhatCVE
added 2025/05/23 1:45 a.m. · 4 views

CVE-2023-20979

In GetNextSourceDataPacket of btaavco.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Andro...

CVSS 5.5 · AI score 6.1 · EPSS 0.00091
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 11:33 p.m. · 3 views

CVE-2022-20131

In nciprocrfmanagementntf of ncihrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10...

CVSS 7.8 · AI score 6.5 · EPSS 0.00832
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 10:20 p.m. · 6 views

CVE-2022-20270

In Content, there is a possible way to learn gmail account name on the device due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-13; Android ID...

CVSS 5.5 · AI score 6.2 · EPSS 0.00096
Exploits 0 · References 1