14 matches found
EUVD-2019-18738
Malware in sbrugna...
EUVD-2015-6555
Malware in sbrugna...
Exploit for Path Traversal in Thecartpress Thecartpress_Ecommerce_Shopping_Cart
This is a PoC exploit for CVE-2015-3301, a vulnerability in the Stagefright media library that allows for remote code execution on Android devices. The exploit, called Metaphor, is designed to bypass Address Space Layout Randomization ASLR and execute arbitrary code on the device. The exploit...
CVE-2020-0032
In ih264dreleasedisplaybufs of ih264dutils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8...
CVE-2019-9307
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661893...
CVE-2019-9382
In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120874654...
CVE-2011-3874
Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by...
Google Android Remote Code Execution Vulnerability (CNVD-2019-35222)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in Google Android 10. The vulnerability stems from an out-of-bounds write problem in libxaac in Android caused by a lac...
CVE-2018-9549
In lppTransposer of lpptran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2017-0467
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...
Android mediaserver remote code execution vulnerability (CNVD-2016-00129)
Android is a cell phone operating system based on the Linux open kernel. A security vulnerability exists in the implementation of the mediaserver feature in version 5.x prior to Android 5.1.1 LMY49F, and version 6.0 prior to 2016-01-01. A remote attacker could exploit this vulnerability to execut...
Android mediaserver memory corruption vulnerability (CNVD-2015-08006)
Android is a cell phone operating system based on the Linux open kernel. A security vulnerability exists in mediaserver in Android versions prior to 5.1.1 LMY48Z, 6.0 2015-12-01 and prior to 6.0 2015-12-01, which can be exploited by remote attackers to execute arbitrary code or cause a denial of...
Google Android Stagefright 3GPP Integer Underflow (CVE-2015-3828)
A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...
Google Stagefright Media Playback Engine Remote Code Execution Vulnerability (CNVD-2015-05029)
Stagefright is a media playback service for Android, introduced since version 2.2 Froyo. A remote code execution vulnerability exists in the Google Stagefright Media Playback Engine, which can be exploited by an attacker to execute arbitrary code in the context of an affected device...