113 matches found
Predator Android Spyware: Researchers Uncover New Data Theft Capabilities
Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa previously Cytrox. Predator was first documented by Google's Threat Analysis Group TAG in May 2022 as part of attacks leveraging five differe...
Brave Software: UXss on brave browser via scan QR Code
A UXss vulnerability was found in Brave browser on Android 13, allowing an attacker to execute Xss on all open domains by scanning a QR code containing a malicious URL. The vulnerability could potentially allow attackers to steal victim's cookies and affect various websites...
Kazakh Govt. Used Spyware Against Protesters
An agent of the Kazakhstan government has been using enterprise-grade spyware against domestic targets, according to Lookout research published last week. The government entity used brand impersonation to trick victims into downloading the malware, dubbed “Hermit.” Hermit is an advanced, modular...
Malicious code in oppo_web_app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a66462bc2faa705271df67a558a3ebd69bf8efb3fcd4095584142ac28a1a4d1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Hyperledger: Remote denial of service in HyperLedger Fabric
This issue was caused by a missing check of nil. An orderer to orderer consensus message that contains an empty inner message crashes the node because it attempts to figure out its type and the mere action of determining the type of a nil pointer, causes a panic. Thank you to Haosheng Wang of OPP...
OPPO ColorOS 安全漏洞
OPPO ColorOS is a suite of Android-based operating systems for mobile devices from China's OPPO Guangdong Mobile Communications OPPO. A security vulnerability exists in ColorOS, which stems from the fact that an attacker can gain access to foreground package names through elevation of privilege,...
OPPO ColorOS 安全漏洞
OPPO ColorOS is a suite of Android-based operating systems for mobile devices from China's OPPO Guangdong Mobile Communications OPPO. ColorOS suffers from a security vulnerability that stems from ColorOS pre-granting dangerous permissions to applications listed in a whitelisted xml named...
The vulnerability of OPPO’s 5G router, related to the insecure storage of confidential information, allows a intruder to gain unauthorized access to protected data.
The vulnerability of OPPO’s 5G router is related to the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of OPPO’s 5G router, which stems from the failure to take measures to neutralize special elements, allows a perpetrator to execute arbitrary codes.
The vulnerability of OPPO’s 5G router exists due to the failure to take measures to neutralize certain components. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of OPPO’s 5G router web application, related to incorrect path name restrictions for accessing restricted catalogs, allows attackers to gain unauthorized access to protected information.
The vulnerability of OPPO’s 5G router web application is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
CVE-2021-23243
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...
CVE-2021-23243
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...
Out-of-bounds
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...
CVE-2021-23243
Technical details are not publicly available in the provided documents. Information on affected products, versions, impact or remediation is not specified. Monitor for updates.
CVE-2021-23243
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...
Oppo Android Phone with Qualcomm Chipset 安全漏洞
Oppo Android Phone with Qualcomm Chipset is an Android phone with Qualcomm chipset from Chinese company Oppo. Oppo Android Phone with Qualcomm Chipset suffers from a security vulnerability that stems from a third-party SDK that provides the ability to load third-party Providers...
OPPO ColorOS has an information leakage vulnerability
ColorOS is OPPO's set of Android-based operating systems for mobile devices. OPPO ColorOS suffers from an information leakage vulnerability that can be exploited by an attacker to obtain sensitive information on a cell phone...
OPPO A92s suffers from an information disclosure vulnerability (CNVD-2021-44382)
OPPO A92s is a 5G phone from OPPO. The OPPO A92s suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
OPPO Find x has an information leakage vulnerability
OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communication Co. OPPO Find x suffers from an information leakage vulnerability. An attacker can utilize a malicious APP to listen to the user's call content through this exposed component by simply applying for the commonly used...
CVE-2020-11836
OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell getprop ro.vendor.aee.enforcing” or “adb shell getprop ro.vendor.aee.enforcing” return no...