Lucene search
K

33 matches found

Android Security Bulletins
Android Security Bulletins
added 2022/02/07 12:0 a.m.10 views

Pixel Update Bulletin—February 2022Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2022-02-05 or later address all issues in this bulletin and all issues in the February 2022 Android...

6.7CVSS7AI score0.00145EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/11 11:2 a.m.22 views

A week in security (Oct 4 – Oct 10)

Last week on Malwarebytes Labs Does Cybersecurity Awareness Month actually improve security? Police take a piece out of a ransomware gang, but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Is it any good for security? Criminals were inside Syniverse for 5 years...

7.3AI score
Exploits0
Citrix
Citrix
added 2021/05/30 12:0 a.m.6 views

Home screen icons(shortcuts) are removed after every Android update

On Android Enterprise Full managed device, Home screen appsshortcuts are getting removed after Android UpdateSamsung Patch. This happens only on Samsung devices and with all patches available. This is not specific to any patch...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/09 7:45 a.m.72 views

Gigaset Android Update Server Hacked to Install Malware on Users' Devices

Gigaset has revealed a malware infection discovered in its Android devices was the result of a compromise of a server belonging to an external update service provider. Impacting older smartphone models — GS100, GS160, GS170, GS180, GS270 plus, and GS370 plus series — the malware took the form of...

0.7AI score
Exploits0
OSV
OSV
added 2020/06/11 3:15 p.m.4 views

CVE-2020-0204

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of the initial zip file signature check for an OS update with no additional execution privileges...

7CVSS7.2AI score0.00317EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/03 12:0 a.m.6 views

PT-2019-12568 · Google +1 · Android-Gif-Drawable +1

Name of the Vulnerable Software and Affected Versions: android-gif-drawable versions prior to 1.2.18 WhatsApp for Android versions prior to 2.19.244 Description: A double free vulnerability in the DDGifSlurp function in the android-gif-drawable library allows remote attackers to execute arbitrary...

8.8CVSS8.7AI score0.44255EPSS
Exploits16References34
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/08/10 7:32 a.m.236 views

CVE-2019-12103 – Analysis of a Pre-Auth RCE on the TP-Link M7350, with Ghidra!

TL;DR The TP-Link M7350 V3 is affected by a pre-authentication CVE-2019-12103, and a few post-authentication CVE-2019-12104 command injection vulnerabilities. These injections can be exploited remotely, if the attacker is on the same LAN or otherwise able to get access to the router web interface...

10CVSS10AI score0.04693EPSS
Exploits1
Prion
Prion
added 2018/07/06 9:29 p.m.10 views

Code injection

The Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC address in reverse. The MAC address can be obtained by being in close proximity to the Bluetooth device, effectively exposing the device ID. The ID can be used to track devices. Updated apps,...

3.3CVSS7.4AI score0.01286EPSS
Exploits2References4Affected Software1
The Hacker News
The Hacker News
added 2018/05/11 6:55 p.m.1 views

Google Makes it Mandatory for OEMs to Roll Out Android Security Updates Regularly

Security of Android devices has been a nightmare since its inception, and the biggest reason being is that users don't receive latest security patch updates regularly. Precisely, it's your device manufacturer Android OEMs actually who takes time to roll out security patches for your devices and...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/09/06 1:12 p.m.24 views

13 Critical Remote Code Execution Bugs Fixed in September Android Update

Google fixed 81 vulnerabilities, including 13 critical remote code execution bugs, in the September release of its Android Security Bulletin on Tuesday. The most concerning vulnerabilities, as usual, concern Media Framework, Android’s lightweight media player. The framework includes the...

1.2AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/04/19 12:0 a.m.26 views

JVN#11815655: Photopt App fails to verify SSL server certificates

Photopt App provided by NTT Communications Corporation fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by th...

5.9CVSS5.5AI score0.0084EPSS
Exploits0
hackapp
hackapp
added 2016/04/01 9:4 a.m.12 views

Android Update Checker - Dynamic Code Loading, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Android Update Checker published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2014/12/09 2:13 p.m.19 views

Yik Yak Patches Privacy Flaw in iOS App

Yik Yak, an application that allows users to share purportedly anonymous status updates with others near them, has fixed a critical vulnerability in its iOS app that could have de-anonymized users and let attackers take total control of someone’s account. Yik Yak’s security team was apparently...

6.7AI score
Exploits0References6
Rows per page
Query Builder