22 matches found
CVE-2017-18680
An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 tablets software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 March 2017...
EUVD-2014-1948
Malware in sbrugna...
EUVD-2014-1947
Malware in sbrugna...
EUVD-2018-6861
Malware in sbrugna...
EUVD-2017-9771
Malware in sbrugna...
EUVD-2022-48311
Malicious code in bioql PyPI...
EUVD-2024-34899
Malicious code in bioql PyPI...
CVE-2023-33188
Omni-notes is an open source note-taking application for Android. The Omni-notes Android app had an insufficient path validation vulnerability when displaying the details of a note received through an externally-provided intent. The paths of the note's attachments were not properly validated,...
CVE-2022-36832
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege...
CVE-2021-0486
In onPackageAddedInternal of PermissionManagerService.java, there is possible access to external storage due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2025-30485
UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...
CVE-2023-48239 Nextcloud Server users can make external storage mount points inaccessible for other users
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and starting in version 20.0.0 and prior to versions 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8,...
CVE-2022-36832
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege...
PT-2022-23636 · Unknown · Cameralyzer
Name of the Vulnerable Software and Affected Versions: Cameralyzer versions prior to 3.2.22 Cameralyzer versions prior to 3.3.22 Cameralyzer versions prior to 3.4.22 Cameralyzer versions prior to 3.5.51 Description: An improper access control issue in the WebApp component of Cameralyzer allows...
CVE-2021-0486
In onPackageAddedInternal of PermissionManagerService.java, there is possible access to external storage due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Facebook WhatsApp and WhatsApp Business have unspecified vulnerabilities
Facebook WhatsApp is a suite of mobile applications from Facebook Inc. in the United States that use the Internet to send text messages. The application uses the contact information in a smartphone to find contacts using the program to send texts, pictures, etc. WhatsApp Business is the commercia...
Facebook WhatsApp 安全漏洞
Facebook WhatsApp is a suite of mobile applications from Facebook Inc. in the United States that use the Internet to send text messages. The application uses the contact information in a smartphone to find contacts using the program to send texts, pictures, etc. WhatsApp Business is the commercia...
TK-Star Q90 Junior GPS horloge security vulnerability
TK-Star Q90 Junior GPS horloge is a Gps location tracker from TK-Star, China. A security vulnerability exists in the TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices, which stems from having unwanted privileges to read external storage, write external storage, and read contacts...
CVE-2017-18680
An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 tablets software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 March 2017...
CVE-2018-15004
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode versionCode=24, versionName=7.0 that contains an exported service app component named...