EUVD-2021-28301

Malicious code in bioql PyPI...

Krüger&Matz com.pri.applock 安全漏洞

Krüger&Matz com.pri.applock is a mobile application component from Krüger&Matz. A security vulnerability exists in Krüger&Matz com.pri.applock, which stems from a LockUI activity that allows arbitrary intent injection, potentially resulting in a system-level elevation of privilege...

CVE-2021-41256

nextcloud news-android is an Android client for the Nextcloud news/feed reader app. In affected versions the Nextcloud News for Android app has a security issue by which a malicious application installed on the same device can send it an arbitrary Intent that gets reflected back, unintentionally...

CVE-2020-0082

In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to systemserver with no additional execution privileges needed. User interaction is not needed for...

ASB-A-193445603

In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2020-0082

In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to systemserver with no additional execution privileges needed. User interaction is not needed for...

Deserialization of untrusted data

In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to systemserver with no additional execution privileges needed. User interaction is not needed for...