CVE-2019-20777

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 July 2019...

EUVD-2014-5678

Malware in sbrugna...

EUVD-2017-9761

Malware in sbrugna...

EUVD-2019-10017

Malware in sbrugna...

EUVD-2017-2656

Malware in sbrugna...

EUVD-2019-9684

Malware in sbrugna...

EUVD-2021-2930

Malicious code in bioql PyPI...

CVE-2021-39660

In TBD of TBD, there is a possible way to archive arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndro...

CVE-2020-12754

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A crafted application can obtain control of device input via the window system service. The LG ID is LVE-SMP-170011 May 2020...

CVE-2020-25063

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. An application crash can occur because of incorrect application-level input validation. The LG ID is LVE-SMP-200018 July 2020...

CVE-2017-18670

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. android.intent.action.SIOPLEVELCHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 May 2017...

PT-2023-18094 · Google · Android

Name of the Vulnerable Software and Affected Versions: In Content affected versions not specified Description: The issue allows determining whether an app is installed without query permissions due to side channel information disclosure. This could lead to local information disclosure with no...

AWS SDK for Android 加密问题漏洞

AWS SDK for Android is an AWS SDK for Android open source by AWS Amplify. A security vulnerability exists in AWS SDK for Android that stems from sending an unencrypted hash of plaintext along with ciphertext as a metadata field. If the hash is readable by an attacker, the hash can be used to brut...

R818 代码问题漏洞

Allwinner Technology R818 is a quad-core intelligent voice with screen chip from Allwinner Technology Zhuhai, China. A security vulnerability exists in the Allwinner R818 SoC Android Q SDK V1.0, which originates from a NULL pointer dereference in the open exec function that could execute a...

CVE-2021-30584

Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

Domain Spoofing

chromium is vulnerable to domain spoofing. The vulnerability exists due to Incorrect security UI in downloads in Google Chrome on Android...

CVE-2019-2228

In arrayfind of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2016-3822

exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data, aka internal bug...