EUVD-2023-44647

Malicious code in bioql PyPI...

CVE-2017-18683

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 software. SVoice allows Hare Hunting during application installation. The Samsung ID is SVE-2016-6942 February 2017...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

Code injection

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2023-40040

An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack...

CVE-2018-21086

An issue was discovered on Samsung mobile devices with L5.x, M6.0, and N7.x software. There is a race condition with a resultant double free in vnswapinitbackingstorage. The Samsung ID is SVE-2017-11177 February 2018...

CVE-2017-18664

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 June 2017...

CVE-2017-18680

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 tablets software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 March 2017...

CVE-2017-18670

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. android.intent.action.SIOPLEVELCHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 May 2017...

CVE-2016-11034

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The Samsung ID is SVE-2016-6560 October 2016...

CVE-2016-11048

An issue was discovered on Samsung mobile devices with L5.0/5.1 Spreadtrum or Marvell chipsets software. There is a Factory Reset Protection FRP bypass. The Samsung ID is SVE-2016-5421 March 2016...

CVE-2016-11045

An issue was discovered on Samsung mobile devices with L5.0/5.1 software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 May 2016...

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with L5.0/5.1 Spreadtrum or Marvell chipsets software. There is a Factory Reset Protection FRP bypass. The Samsung ID is SVE-2016-5421 March 2016...

Twitter Fixes Bug that Enabled Takeover of Android App Accounts

Twitter for Android users are being urged to update their app to avoid a security bug that allows a malicious user to access private account data and could also allow an attacker to take control of accounts to send tweets and direct messages. The warning comes from Twitter who said there are no...

Messaging Lollipop 5.0 (AOSP) - Dangerous filesystem permissions, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Messaging Lollipop 5.0 AOSP published at the 'play' market has multiple vulnerabilities...

CVE-2016-4546

Samsung devices with Android KK4.4 or L5.0/5.1 allow local users to cause a denial of service IAndroidShm service crash via crafted data in a service call...

CVE-2017-5351

Samsung Note devices with KK4.4, L5.0/5.1, and M6.0 software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650...

CVE-2016-9277

Integer overflow in SystemUI in KK4.4 and L5.0/5.1 on Samsung Note devices allows attackers to cause a denial of service UI restart via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906...