Lucene search
+L

113 matches found

The Hacker News
The Hacker News
added 2023/05/26 12:39 p.m.29 views

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa previously Cytrox. Predator was first documented by Google's Threat Analysis Group TAG in May 2022 as part of attacks leveraging five differe...

7.9AI score
Exploits0
Hacker One
Hacker One
added 2023/02/22 9:53 p.m.56 views

Brave Software: UXss on brave browser via scan QR Code

A UXss vulnerability was found in Brave browser on Android 13, allowing an attacker to execute Xss on all open domains by scanning a QR code containing a malicious URL. The vulnerability could potentially allow attackers to steal victim's cookies and affect various websites...

4.3CVSS5AI score0.01576EPSS
Exploits0
ThreatPost
ThreatPost
added 2022/06/21 12:48 p.m.30 views

Kazakh Govt. Used Spyware Against Protesters

An agent of the Kazakhstan government has been using enterprise-grade spyware against domestic targets, according to Lookout research published last week. The government entity used brand impersonation to trick victims into downloading the malware, dubbed “Hermit.” Hermit is an advanced, modular...

7.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:23 p.m.3 views

Malicious code in oppo_web_app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a66462bc2faa705271df67a558a3ebd69bf8efb3fcd4095584142ac28a1a4d1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Hacker One
Hacker One
added 2022/06/17 8:51 a.m.76 views

Hyperledger: Remote denial of service in HyperLedger Fabric

This issue was caused by a missing check of nil. An orderer to orderer consensus message that contains an empty inner message crashes the node because it attempts to figure out its type and the mere action of determining the type of a nil pointer, causes a panic. Thank you to Haosheng Wang of OPP...

5CVSS1.1AI score0.01937EPSS
Exploits0
CNNVD
CNNVD
added 2022/03/11 12:0 a.m.5 views

OPPO ColorOS 安全漏洞

OPPO ColorOS is a suite of Android-based operating systems for mobile devices from China's OPPO Guangdong Mobile Communications OPPO. A security vulnerability exists in ColorOS, which stems from the fact that an attacker can gain access to foreground package names through elevation of privilege,...

7.5CVSS7.3AI score0.00956EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/12/27 12:0 a.m.5 views

OPPO ColorOS 安全漏洞

OPPO ColorOS is a suite of Android-based operating systems for mobile devices from China's OPPO Guangdong Mobile Communications OPPO. ColorOS suffers from a security vulnerability that stems from ColorOS pre-granting dangerous permissions to applications listed in a whitelisted xml named...

7.8CVSS7.4AI score0.00633EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/12/14 12:0 a.m.16 views

The vulnerability of OPPO’s 5G router, related to the insecure storage of confidential information, allows a intruder to gain unauthorized access to protected data.

The vulnerability of OPPO’s 5G router is related to the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/12/14 12:0 a.m.19 views

The vulnerability of OPPO’s 5G router, which stems from the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary codes.

The vulnerability of OPPO’s 5G router exists due to the failure to take measures to neutralize certain components. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/12/14 12:0 a.m.7 views

The vulnerability of OPPO’s 5G router web application, related to incorrect path name restrictions for accessing restricted catalogs, allows attackers to gain unauthorized access to protected information.

The vulnerability of OPPO’s 5G router web application is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

5.3CVSS5.5AI score
Exploits0
OSV
OSV
added 2021/09/27 1:15 p.m.4 views

CVE-2021-23243

In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...

7.8CVSS7.1AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2021/09/27 1:15 p.m.22 views

CVE-2021-23243

In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...

7.8CVSS0.00107EPSS
Exploits0References1
Prion
Prion
added 2021/09/27 1:15 p.m.13 views

Out-of-bounds

In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...

4.6CVSS7.6AI score0.00107EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/09/27 12:11 p.m.39 views

CVE-2021-23243

Technical details are not publicly available in the provided documents. Information on affected products, versions, impact or remediation is not specified. Monitor for updates.

7.8CVSS7.5AI score0.00107EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/27 12:11 p.m.23 views

CVE-2021-23243

In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...

7.8AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.6 views

Oppo Android Phone with Qualcomm Chipset 安全漏洞

Oppo Android Phone with Qualcomm Chipset is an Android phone with Qualcomm chipset from Chinese company Oppo. Oppo Android Phone with Qualcomm Chipset suffers from a security vulnerability that stems from a third-party SDK that provides the ability to load third-party Providers...

7.8CVSS7.3AI score0.00107EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/07 12:0 a.m.22 views

OPPO ColorOS has an information leakage vulnerability

ColorOS is OPPO's set of Android-based operating systems for mobile devices. OPPO ColorOS suffers from an information leakage vulnerability that can be exploited by an attacker to obtain sensitive information on a cell phone...

6.5AI score
Exploits0
CNVD
CNVD
added 2021/06/07 12:0 a.m.8 views

OPPO A92s suffers from an information disclosure vulnerability (CNVD-2021-44382)

OPPO A92s is a 5G phone from OPPO. The OPPO A92s suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

6.5AI score
Exploits0
CNVD
CNVD
added 2021/05/11 12:0 a.m.4 views

OPPO Find x has an information leakage vulnerability

OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communication Co. OPPO Find x suffers from an information leakage vulnerability. An attacker can utilize a malicious APP to listen to the user's call content through this exposed component by simply applying for the commonly used...

6.8AI score
Exploits0
NVD
NVD
added 2021/02/06 12:15 a.m.28 views

CVE-2020-11836

OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell getprop ro.vendor.aee.enforcing” or “adb shell getprop ro.vendor.aee.enforcing” return no...

5.5CVSS0.00148EPSS
Exploits0References1
Rows per page
Query Builder