Exploit for Path Traversal in Thecartpress Thecartpress_Ecommerce_Shopping_Cart

This is a PoC exploit for CVE-2015-3301, a vulnerability in the Stagefright media library that allows for remote code execution on Android devices. The exploit, called Metaphor, is designed to bypass Address Space Layout Randomization ASLR and execute arbitrary code on the device. The exploit...

Linux Distros Unpatched Vulnerability : CVE-2016-6754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to...

Linux Distros Unpatched Vulnerability : CVE-2016-2457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to bypass intended...

Linux Distros Unpatched Vulnerability : CVE-2015-3854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement v...

PT-2024-25092 · Utarit Information · Utarit Information Soliclub

Name of the Vulnerable Software and Affected Versions: Utarit Information SoliClub versions prior to 4.4.0 for iOS Utarit Information SoliClub versions prior to 5.2.1 for Android Description: The issue affects Utarit Information SoliClub, allowing unauthorized actors to access sensitive data. Thi...

PT-2024-31481 · Unknown · @Cosme App For Ios +1

Name of the Vulnerable Software and Affected Versions: @cosme App for Android versions prior to 5.69.0 @cosme App for iOS versions prior to 6.74.0 Description: The issue is related to improper authorization in the handler for the custom URL scheme, which allows an attacker to lead a user to acces...

SUSE CVE-2015-6783

The FindStartOffsetOfFileInZipFile function in crazylinkerzip.cpp in crazylinker aka Crazy Linker in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP...

CVE-2017-18671

An issue was discovered on Samsung mobile devices with L5.0/5.1, M6.0, and N7.x software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 May 2017...

CVE-2016-11031

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. AntService allows a systemserver crash and reboot. The Samsung ID is SVE-2016-7044 November 2016...

CVE-2016-11042

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 June 2016...

Samsung Mobile Device Arbitrary Code Execution Vulnerability

Samsung mobile devices are smart mobile devices manufactured by Samsung in South Korea.Android L, M, and N are a set of different versions of the Linux-based open source operating system developed by Google and the Open Handset Alliance OHA.Exynos Exynos chipsets are processors designed and...

CVE-2017-0763

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693...

UBUNTU-CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution...

Samsung Information Disclosure Vulnerability

Samsung Android M and others is an Android smartphone from Samsung South Korea. A security vulnerability exists in Samsung mobile devices using Android L 5.0/5.1, M 6.0 and N 7.x versions. An attacker can exploit the vulnerability by reading log files to obtain sensitive information...

CVE-2017-0419

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally...

CVE-2016-6702

A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility ...

CVE-2016-3900

cmds/servicemanager/servicemanager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a crafted application, aka internal bug 2943126...

UBUNTU-CVE-2015-3854

packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350...

CVE-2016-3839

Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service loss of Bluetooth 911 functionality via a crafted application that sends a signal to a Bluetooth process, aka internal bug 28885210...

UBUNTU-CVE-2016-3825

mm-video-v4l2/vidc/venc/src/omxvideobase.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964...