16 matches found
CVE-2024-5899
When Bazel Plugin in IntelliJ imports a project either using "import project" or "Auto import", the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...
CVE-2024-5899 Improper trust check in Bazel Build IntelliJ plugin
When Bazel Plugin in IntelliJ imports a project either using "import project" or "Auto import", the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...
PT-2024-37234
Name of the Vulnerable Software and Affected Versions: Bazel Plugin versions prior to 2024.06.04.0.2. Description: The issue arises when the Bazel Plugin in IntelliJ imports a project, either using "import project" or "Auto import", and the dialog for trusting the project is not displayed. This...
SUSE-SU-2024:1264-1 Security update for xwayland
This update for xwayland fixes the following issues: - CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). - CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). - CVE-2024-31083: Fixed refcounting of glyphs during...
SUSE-SU-2024:1263-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - Fixed regression for security fix (bsc#1222312) for CVE-2024-31083 when using Android Studio (bsc#1222442)...
SUSE-SU-2024:1262-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). - CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). - CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use...
Android Studio Privilege Escalation
Video and PoC here: https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in Android Studio, if gradle-wrapper.properties sets distributionUrl=https://services.gradle.org/distributions/gradle-2.6-all.zip, then Android Studio will download and extract gradle-2.6-all.zip, jar file i...
EVABS - Extremely Vulnerable Android Labs
An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application...
SMS-Stack - Framework to provide TCP/IP based characteristics to the GSM Short Message Service
SMS Stack is a framework to provide TCP/IP based characteristics to the GSM Short Message Service. This framework works in multiple environments to provide a full stack integration in a service. The main layer features techniques to control the order and the number of SMS for a given stream, an...
Critical Flaw in Major Android Tools Targets Developers and Reverse Engineers
Finally, here we have a vulnerability that targets Android developers and reverse engineers, instead of app users. Security researchers have discovered an easily-exploitable vulnerability in Android application developer tools, both downloadable and cloud-based, that could allow attackers to stea...
Android Studio 1-4 & 2.3.3 - Buffer Overflow Vulnerability
Document Title: Android Studio 1-4 & 2.3.3 - Buffer Overflow Vulnerability; References: https://www.vulnerability-lab.com/getcontent.php?id=2092 Video: https://www.youtube.com/watch?v=cdXChK64WLc; Release Date: 2017-08-30; Vulnerability Laboratory ID VL-ID:...
Android Studio 1-4 & 2.3.3 - Buffer Overflow Vulnerability
Document Title: Android Studio 1-4 & 2.3.3 - Buffer Overflow Vulnerability; References: https://www.vulnerability-lab.com/getcontent.php?id=2092 Video: https://www.youtube.com/watch?v=cdXChK64WLc; Release Date: 2017-08-29; Vulnerability Laboratory ID VL-ID:...
Mobile Security Framework: MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We’ve been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test and...
JetBrains IDE remote code execution and local file disclosure - vulnerability warning - the black bar safety net
From at least 2013 until May 2016, JetBrains IDEs had a local file disclosure issue; the Windows and OS X versions also had a remote code execution issue. The only prerequisite for this attack is that the victim, while the IDE is open,...
Older versions of Android Studio before v2.1.1 can lead to malicious data access
No description provided by source...
Android Studio - The official Android IDE
Android Studio is the official IDE for Android application development, based on IntelliJ IDEA. On top of the capabilities you expect from IntelliJ, Android Studio offers: Flexible Gradle-based build system; Build variants and multiple APK file generation; Code templates to help you build common ap...