25 matches found
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. "Mirax integrates advanced Remote Access Trojan RA...
EUVD-2019-18701
Malware in sbrugna...
EUVD-2014-2023
Malware in sbrugna...
EUVD-2019-18738
Malware in sbrugna...
EUVD-2015-6555
Malware in sbrugna...
EUVD-2025-16296
Malicious code in bioql PyPI...
Exploit for Path Traversal in Thecartpress Thecartpress_Ecommerce_Shopping_Cart
This is a PoC exploit for CVE-2015-3301, a vulnerability in the Stagefright media library that allows for remote code execution on Android devices. The exploit, called Metaphor, is designed to bypass Address Space Layout Randomization ASLR and execute arbitrary code on the device. The exploit...
CVE-2020-0032
In ih264dreleasedisplaybufs of ih264dutils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8...
CVE-2019-9387
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117569833...
CVE-2019-9307
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661893...
CVE-2019-9329
In Bluetooth, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure, with no additional privileges required. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112917952...
CVE-2019-9382
In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120874654...
CVE-2011-3874
Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by...
Moukthar - Android Remote Administration Tool
Remote adminitration tool for android Features Permissions bypass android 12 below https://youtube.com/shorts/-w8H0lkFxb0 Keylogger https://youtube.com/shorts/Ll9dNrkjFOA Notifications listener SMS listener Phone call recording Image capturing and screenshots Video recording Persistence Read &...
A week in security (December 4 – December 10)
Last week on Malwarebytes Labs: Meta’s Purple Llama wants to test safety risks in AI models US government is snooping on people via phone push notifications, says senator Android phones can be taken over remotely – update when you can How IT teams can conduct a vulnerability assessment for...
CVE-2021-0515
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-9461
In the Android kernel in VPN routing there is a possible information disclosure. This could lead to remote information disclosure by an adjacent network attacker with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android Remote Code Execution Vulnerability (CNVD-2019-35222)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in Google Android 10. The vulnerability stems from an out-of-bounds write problem in libxaac in Android caused by a lac...
CVE-2018-9549
In lppTransposer of lpptran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2017-0467
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...