Canon PRINT 2.5.5 URI Injection

Exploit Title: Content Provider URI Injection on Canon PRINT 2.5.5 CVE-2019-14339 Date: 24th July, 2019 Exploit Author: 0x48piraj Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home/explore/printing-innovations/mobile-printing/canon-print-app Software Link:...

Exploit for CVE-2019-14339

CVE-2019-14339 Content Provider URI Injection on Canon PRINT...

CVE-2018-19452

A use after free in the TextBox field Mouse Enter action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has a different free...

The vulnerability of the ContentProvider.java functions in the Android operating system allows attackers to disclose protected information.

The vulnerability of several functions in the ContentProvider.java file of the Android operating system is related to a path traversal error. Exploiting this vulnerability can allow an attacker to disclose protected information...

Google Android Information Disclosure Vulnerability (CNVD-2018-26776)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An information disclosure vulnerability exists in several functions of the ContentProvider.java file in Android, which stems from the program's failure to verify URIs and can be...

CVE-2018-9548

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

Design/Logic Flaw

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

CVE-2018-9548

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

CVE-2018-9548

CVE-2018-9548 affects Android: multiple ContentProvider.java functions allow a permission bypass due to missing URI validation, enabling local information disclosure without user interaction. Vulnerable in Android 7.0–7.1.2, 8.0–8.1, and 9.0. Mitigation is to apply patches from the 2018-12-01/12-...

Code injection

The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents...

CVE-2018-14902

The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents...

PayBox - Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application PayBox published at the 'play' market has multiple vulnerabilities...

Solitaire TriPeaks - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Solitaire TriPeaks published at the 'play' market has multiple vulnerabilities...

Udacity - Lifelong Learning - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Udacity - Lifelong Learning published at the 'play' market has multiple vulnerabilities...

منومعاي -بدون اعلانات- صراحة ما يقول عنك الناس؟ - ContentProvider mode not defined, Customized SSL, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application منومعاي -بدون اعلانات- صراحة ما يقول عنك الناس؟ published at the 'play' market has multiple vulnerabilities...

CSipSimple - BSD license, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application CSipSimple published at the 'play' market has multiple vulnerabilities...

CryptoShield - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application CryptoShield published at the 'play' market has multiple vulnerabilities...

Endless Frontier Saga – RPG Online - Certificates or keys found, Corrupted files, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Endless Frontier Saga – RPG Online published at the 'play' market has multiple vulnerabilities...

Flash Keyboard - Emoji & Theme - Dangerous filesystem permissions, Exported ContentProvider, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application Flash Keyboard - Emoji & Theme published at the 'play' market has multiple vulnerabilities...

VK - Certificates or keys found, Exported ContentProvider, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application VK published at the 'play' market has multiple vulnerabilities...