157 matches found
Unspecified Vulnerability in Tecno Camon
The Tecno Camon is a Camon series smartphone from the Chinese company Transocean. An unspecified vulnerability exists in Tecno Camon. The vulnerability can be exploited to execute code or commands with system privileges to record the screen, restore factory settings, obtain the user's Wi-Fi...
CVE-2019-15342
The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
Input validation
The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
Input validation
The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...
CVE-2019-15351
The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...
CVE-2019-15348
The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...
CVE-2019-15348
CVE-2019-15348 affects Tecno Camon Android devices that include a pre-installed platform app com.lovelyfont.defcontainer (FontCoverService). The exported service allows any co-located app to pass arbitrary shell-script commands to be executed as the system user when triggered via a logcat message...
CVE-2019-15347
The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
CVE-2019-15342
The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
CVE-2019-17395
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
Default credentials
In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17398
In the Dark Horse Comics application 1.3.21 for Android, token information equivalent to the username and password is stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17394
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17396
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17394
In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17398
In the Dark Horse Comics application 1.3.21 for Android, token information equivalent to the username and password is stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17355
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
CVE-2019-17355
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
Default credentials
In the Dark Horse Comics application 1.3.21 for Android, token information equivalent to the username and password is stored in the log during authentication, and may be available to attackers via logcat...
Default credentials
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...