75479 matches found
EUVD-2025-203117
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
CVE-2025-14373 affects Chromium/Chrome components (Android Toolbar) with an inappropriate implementation that permits domain spoofing via a crafted HTML page. Affected: Google Chrome on Android before version 143.0.7499.110; Chromium builds in Fedora/Debian updates reference Chromium 143.0.7499.1...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
Exploit for CVE-2025-36924
CVE-2025-36924 Android Privilege Escalation Exploit Discla...
CVE-2025-14517
A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...
A look at an Android ITW DNG exploit
Posted by Benoît Sevens, Google Threat Intelligence Group Introduction Between July 2024 and February 2025, 6 suspicious image files were uploaded to VirusTotal. Thanks to a lead from Meta, these samples came to the attention of Google Threat Intelligence Group. Investigation of these images show...
USN-7906-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system netwo...
USN-7906-3 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system netwo...
DroidLock malware locks you out of your Android device and demands ransom
Researchers have analyzed a new threat campaign actively targeting Android users. The malware, named DroidLock, takes over a device and then holds it for ransom. The campaign to date has primarily targeted Spanish-speaking users, but researchers warn it could spread. DroidLock is delivered via...
Improper Export of Android Application Components
Overview Affected versions of this package are vulnerable to Improper Export of Android Application Components via the UCropActivity component in the AndroidManifest.xml file. An attacker can gain unauthorized access to application components by crafting malicious local intents. Remediation There...
New ‘DroidLock’ Android Malware Locks Users Out, Spies via Front Camera
Zimperium zLabs reveals DroidLock, a new Android malware acting like ransomware that can hijack Android devices, steal credentials via phishing, and stream your screen via VNC...
CVE-2025-14517
A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...
CVE-2025-14517 Yalantis uCrop AndroidManifest.xml UCropActivity improper export of android application components
A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...
CVE-2025-14517
CVE-2025-14517 affects Yalantis uCrop 2.2.11 and concerns the UCropActivity component defined in AndroidManifest.xml. The vulnerability arises from an improper export of Android application components, which could allow manipulation to lead to exposure of components outside the intended scope. Ex...
CVE-2025-14517 Yalantis uCrop AndroidManifest.xml UCropActivity improper export of android application components
A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...
CVE-2025-65820
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can be spawned with the mobile application which opens a hidden page. This page, which is not available through the normal flows of the application, contains several devices which can be added to your...
uCrop 安全漏洞
uCrop is an Android image cropping library open source by Yalantis. A security vulnerability exists in uCrop version 2.2.11, which originates from improper export of the function UCropActivity in the file AndroidManifest.xml, which could lead to improper export of Android application components...
EUVD-2025-202626
An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can be spawned with the mobile application which opens a hidden page. This page, which is not available through the normal flows of the application, contains several devices which can be added to your...