(Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability

This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Samsung Account application. An attacker can force a redirection to a site that serves...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices version 4.5.81.0, which stemmed from an improper intent validation issue in...

CVE-2023-44121

The vulnerability is an intent redirection in LG ThinQ Service "com.lge.lms2" in the "com/lge/lms/things/ui/notification/NotificationManager.java" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action...

CVE-2022-20116

In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...

CVE-2022-20116

In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...

CVE-2022-20116

In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...

CVE-2022-23433

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...

CVE-2022-23433

Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...

PT-2022-15991 · Sreminder · Reminder

Name of the Vulnerable Software and Affected Versions: Reminder versions prior to 12.3.01.3000 Reminder versions prior to 12.2.05.6000 Reminder versions prior to 11.6.08.6000 Description: The issue is related to improper access control in the Reminder application, allowing attackers to register...

PT-2021-16547 · Samsung · Samsung Internet

Name of the Vulnerable Software and Affected Versions: Samsung Internet versions prior to 13.2.1.46 Description: The issue is related to an improper input check in Samsung Internet, which allows attackers to launch non-exported activity in Samsung Browser via a malicious deeplink. Recommendations...

CVE-2017-12816

In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC...

CVE-2017-12816

In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC...

Android Package Inspector: Inspeckage

Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime. Inspeckage will let you interact with some elements of the app, such as...

Whisper: Bypass pin(4 digit passcode on your android app)

i have found that this activities are exported Package: sh.whisper sh.whisper.WMainActivity sh.whisper.WWhisperBrowserActivity sh.whisper.WRelatedActivity sh.whisper.WDiscoverActivity sh.whisper.WCategoryFeedActivity sh.whisper.WSettingsActivity Parent Activity: sh.whisper.WMainV4Activity...