EUVD-2024-51251

Malicious code in bioql PyPI...

EUVD-2024-33513

Malicious code in bioql PyPI...

CVE-2024-12993

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

CVE-2024-10576

Infinix devices contain a pre-loaded "com.transsion.agingfunction" application, that exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions. After multiple attempts to contact th...

CVE-2024-12993

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

CVE-2024-12993

The CVE-2024-12993 entry describes a vulnerability in Infinix devices stemming from a pre-loaded app com.rlk.weathers that exposes an unsecured content provider. An attacker can communicate with this provider to reveal the user’s location without any privileges (local attack; no user interaction ...

CVE-2024-12993 Location information exposure in Infinix Weather app

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges. After multiple attempts to contact the vendor we did not receive any answer. We...

PT-2024-17855 · Infinix · Infinix Mobile

Name of the Vulnerable Software and Affected Versions: Infinix devices affected versions not specified Description: The issue concerns a pre-loaded application com.rlk.weathers that exposes an unsecured content provider, allowing an attacker to communicate with the provider and reveal the user's...

CVE-2024-10576 Unauthorized factory reset of Infinix devices

Infinix devices contain a pre-loaded "com.transsion.agingfunction" application, that exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions. After multiple attempts to contact th...

CVE-2024-10576 Unauthorized factory reset of Infinix devices

Infinix devices contain a pre-loaded "com.transsion.agingfunction" application, that exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions. After multiple attempts to contact th...

Transsion Holdings Infinix Mobile devices 安全漏洞

Transsion Holdings Infinix Mobile devices are a family of mobile devices from Transsion Holdings, a Chinese company. A security vulnerability exists in the Transsion Holdings Infinix Mobile devices, which originates from the inclusion of a preloaded com.transsion.agingfunction application that...