CVE-2025-67264

An OS command injection vulnerability in the com.sprd.engineermode component in Doogee Note59, Note59 Pro, and Note59 Pro+ allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, due to incomplete patching of CVE-2025-31710...

CVE-2025-67264

CVE-2025-67264 describes an OS command-injection in the com.sprd.engineermode component on Doogee Note59/Note59 Pro/Note59 Pro+. The vulnerability allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, attributed to incomplete patching of CVE-202...

PT-2026-4525

Name of the Vulnerable Software and Affected Versions Doogee Note59 Doogee Note59 Pro Doogee Note59 Pro+ affected versions not specified Description A flaw exists within the com.sprd.engineermode component that could allow a local attacker to execute arbitrary code and escalate privileges. This i...

EUVD-2014-7803

Malware in sbrugna...

EUVD-2013-6572

Malware in sbrugna...

Exploit for Command Injection in Google Android

unisoc-su A method for CVE-2025-31710https://nvd.nist.gov/v...

CVE-2023-33745

TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from the shell available after an adb connection, simply entering the su command provides root access without requiring a password...

CVE-2019-1010221

LineageOS 16.0 and earlier is affected by: Incorrect Access Control. The impact is: The property checked by adb root can also be set in a normal adb shell session. The component is: adb shell patches to fix this are at https://review.lineageos.org/c/LineageOS/androidsystemcore/+/234800,...

Exploit for Special Element Injection in Google Android

!python-static-badgehttps://img.shields.io/badge/Python-blue?...

(Pwn2Own) Ubiquiti Networks EV Station setDebugPortEnabled Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Ubiquiti Networks EV Station. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Code injection

In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-39630

In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

ASB-A-202768292

In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward

DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...

CVE-2019-1010221

LineageOS 16.0 and earlier is affected by: Incorrect Access Control. The impact is: The property checked by adb root can also be set in a normal adb shell session. The component is: adb shell patches to fix this are at https://review.lineageos.org/c/LineageOS/androidsystemcore/+/234800,...

CVE-2019-1010221

LineageOS 16.0 and earlier is affected by: Incorrect Access Control. The impact is: The property checked by adb root can also be set in a normal adb shell session. The component is: adb shell patches to fix this are at https://review.lineageos.org/c/LineageOS/androidsystemcore/+/234800,...

CVE-2019-1010221

The CVE-2019-1010221 entry concerns LineageOS 16.0 and earlier where an Incorrect Access Control allows adb root state to be set from a normal adb shell. The underlying issue is that the property used to enable root in adb (service.adb.root) can be manipulated when adb is enabled, enabling an att...

OnePlus Left A Backdoor That Allows Root Access Without Unlocking Bootloader

Another terrible news for OnePlus users. Just over a month after OnePlus was caught collecting personally identifiable information on its users, the Chinese smartphone company has been found leaving a backdoor on almost all OnePlus handsets. A Twitter user, who goes by the name "Elliot Anderson"...

CVE-2014-7953

Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat'...

CVE-2014-7953

CVE-2014-7953 describes a race condition in Android 4.4.4’s ActivityManagerService.bindBackupAgent that lets a local user with adb shell execute code as system by coordinating an adb install with a crafted logcat script to force bindBackupAgent to use an ApplicationInfo uid of 1000. The flaw stem...