12 matches found
EUVD-2020-29748
Malware in sbrugna...
CVE-2020-8913
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...
Directory Traversal
Overview com.google.android.play:core is a Google Play Core Library. Affected versions of this package are vulnerable to Directory Traversal. This flaw is in the SplitCompat.install endpoint. A malicious attacker can create an apk which targets a specific application, and if a victim were to...
Google Play Apps Remain Vulnerable to High-Severity Flaw
UPDATE Researchers are warning that several popular Google Play applications – including mobile browser app Edge – have yet to push out an important update addressing a high-severity vulnerability in the Google Play Core Library. The vulnerability exists in Google Play Core Library, which is...
Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking
A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit,...
Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking
A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit,...
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
A curated list of Android Security materials and resources For Pentesters and Bug Hunters. Blog AAPG - Android application penetration testing guide TikTok: three persistent arbitrary code executions and one theft of arbitrary files Persistent arbitrary code execution in Android's Google Play Cor...
CVE-2020-8913
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...
Directory traversal
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...
CVE-2020-8913 Local arbitrary code execution in splitinstall in Android's Play Core
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a...
CVE-2020-8913
CVE-2020-8913 : A local arbitrary code execution vulnerability exists in Android’s Play Core Library (SplitCompat.install) for versions prior to 1.7.2. An attacker could craft an APK targeting a specific app; if installed, this could trigger a directory traversal and execute code with the targete...
PT-2020-20366 · Google · Google Play Core Library
Name of the Vulnerable Software and Affected Versions: Google Play Core Library versions prior to 1.7.2 Description: A local, arbitrary code execution issue exists in the SplitCompat.install endpoint in Android's Play Core Library. This allows a malicious attacker to create an apk that targets a...