CVE-2026-0634

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection...

CVE-2026-0634 Code Execution in AssistFeedbackService on TECNO Pova7 Pro 5G

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection...

CVE-2026-0634

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection...

CVE-2026-0634

CVE-2026-0634 affects TECNO Pova7 Pro 5G on Android. The vulnerability resides in the AssistFeedbackService, where a command injection allows local apps to execute arbitrary code with system privileges. Impact is local code execution with system level access. The provided documents do not specify...

TECNO Pova7 Pro 5G 安全漏洞

The TECNO Pova7 Pro 5G is a smartphone from the Chinese company TECNO, capable of supporting 5G communication. The TECNO Pova7 Pro 5G has a security vulnerability, which stems from command injection in the AssistFeedbackService component. This vulnerability may allow local applications to execute...

PT-2026-29698

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to execute arbitrary code as system via command injection...

CVE-2025-65835

The Cordova plugin cordova-plugin-x-socialsharing SocialSharing-PhoneGap-Plugin for Android 6.0.4, registers an exported broadcast receiver nl.xservices.plugins.ShareChooserPendingIntent with an android.intent.action.SEND intent filter. The onReceive implementation accesses...

CVE-2023-38300

A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...

CVE-2024-45741

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" paramete...

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

PT-2024-12695 · Unknown · Com.Evenwell.Fqc

Name of the Vulnerable Software and Affected Versions: com.evenwell.fqc version 9.0208.01 com.evenwell.fqc version 9.0209.13 com.evenwell.fqc version 9.0212.03 Description: The vulnerability in the com.evenwell.fqc app allows local third-party apps to execute arbitrary shell commands in its conte...

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

CVE-2023-38300

CVE-2023-38300 affects the Orbic Maui device (Orbic/RC545L/RC545L:10/ORB545L_V1.4.2_BVZPP/230106:user/release-keys). A high-privilege process leaks non-resettable identifiers by exposing IMEI via persist.sys.verizon_test_plan_imei and ICCID via persist.sys.verizon_test_plan_iccid to system proper...

CVE-2023-38290

CVE-2023-38290 affects BLU View 2 and Sharp Rouvo V Android devices due to a vulnerable pre-installed com.evenwell.fqc app. The issue: inadequate access control lets local third-party apps execute arbitrary shell commands in the app’s system context without special permissions, enabling actions s...

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

PT-2024-12706 · T Mobile +4 · T-Mobile Revvl V+ 5G +6

Name of the Vulnerable Software and Affected Versions: BLU View 2 version B131DL/B130DL:11/RP1A.200720.011/1672046950:user/release-keys Boost Mobile Celero 5G version Celero5G/Jupiter/Jupiter:11/RP1A.200720.011/SW S98119AA1 V067:user/release-keys Sharp Rouvo V version SHARP/VZW...

PT-2024-12696 · Motorola +1 · Motorola Moto G Pure +3

Name of the Vulnerable Software and Affected Versions: TCL 30Z affected versions not specified TCL 10L affected versions not specified Motorola Moto G Pure affected versions not specified Motorola Moto G Power affected versions not specified Description: An issue was discovered in a third-party...

PT-2024-12705 · Orbic · Orbic Maui

Name of the Vulnerable Software and Affected Versions: Orbic Maui device version ORB545L V1.4.2 BVZPP Description: A certain software build for the Orbic Maui device leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or...

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

Endpoint Managment - How to add local apps to Android dedicated device home screen.

How to add local apps to Android-dedicated device home screen...