EUVD-2013-6572

Malware in sbrugna...

Exploit for Special Element Injection in Google Android

!python-static-badgehttps://img.shields.io/badge/Python-blue?...

CVE-2014-7953

Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat'...

Android OS 4.4.4 Backup Agent Arbitrary Code Execution Vulnerability

The Android backup agent implementation was vulnerable to privilege escalation and race condition. An attacker with adb shell access could run arbitrary code as the system 1000 user or any other valid package. The attack is tested on Android OS 4.4.4. Android backup agent arbitrary code execution...

CVE-2013-6770

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows attackers to gain privileges by leveraging ADB shell access and a certain Linux UID, and then...

Android 4.3 Superuser Root Privilege Escalation Vulnerability

The Superuser package for Android 4.3 allows a user to spawn /system/xbin/su with manipulated environment variables to execute code as root. Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser package may allow restricted local users to execute arbitrary commands as root in certain,...

Android 4.3 Superuser Root Privilege Escalation

Current releases of the CyanogenMod/ClockWorkMod/Koush Superuser package may allow restricted local users to execute arbitrary commands as root in certain, non-default device configurations. Android 4.3 introduced the concept of "restricted profiles," created through the Settings - Users menu. A...