Agent Smith Android malware has infected 25 million devices so far

By Waqas Agent Smith malware exploits Android vulnerabilities to target unsuspected users for credential stealing. The IT security researchers at CheckPoint have discovered a new variant of smartphone malware whose primary target is Android devices and so far the malware has infected more than 25...

Google Patches 11 Critical RCE Android Vulnerabilities

Remote code-execution RCE vulnerabilities dominated Google’s December Android Security Bulletin. The flaws are part of a total of 53 unique bugs patched by the Android security team, with a total number of 11 critical bugs – six of which are RCE flaws tied to the operating system’s Media Framewor...

CVE-2018-9450

In avrcprocvendorcommand of avrcapi.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...

CVE-2018-5873

An issue was discovered in the nsgetpath function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Andro...

Google Android Framework Remote Code Execution Vulnerability

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. A remote code execution vulnerability exists in the Framework component of Google Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. An attacker can exploit the vulnerability to...

The high-pass encryption and decryption engine to mention the right vulnerability analysis-vulnerability warning-the black bar safety net

CVE-2016-3935 and CVE-2016-6738 we found that the high-pass encryption and decryption engine Qualcomm crypto engine two mention the right vulnerability, respectively, in 2016, 10 months, and 11 on the Google android vulnerabilities list is publicly acknowledged, while the high-pass also in 2016,...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14381)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14395)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14394)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14392)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14390)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14389)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14386)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14382)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Multiple vulnerabilities in Google Android Qualcomm components (CNVD-2017-14375)

Android is a free and open-source Linux-based operating system used primarily on mobile devices. Multiple vulnerabilities exist in the Google Android Qualcomm component. An attacker can exploit the vulnerabilities to obtain sensitive information and execute arbitrary code with elevated privileges...

Google Android Nvidia and Qualcomm sound drivers have unspecified vulnerabilities

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, with Nvidia as the graphics driver and Qualcomm sound as the sound driver developed by Qualcomm. A security vulnerability exists in the Nvidia and Qualcomm sound drivers in Androi...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerabilities of MediaTek components—M4U drivers, audio drivers, touchscreen drivers, GPU drivers, and Android operating system command queue drivers—are related to deficiencies in access control. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code, leading t...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerabilities of MediaTek components—including the M4U driver, audio drivers, touchscreen drivers, GPU drivers, and Android operating system Command Queue drivers—are related to deficiencies in access control. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerabilities of MediaTek components—M4U drivers, audio drivers, touchscreen drivers, GPU drivers, and Android operating system command queue drivers—are related to deficiencies in access control. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code, leading t...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the ION subsystem, Binder, USB drivers, and the network subsystem of the Android operating system is related to the lack of protection for sensitive data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...