CVE-2025-64696

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...

Android App "Brother iPrint&Scan" improper use of an external cache directory

Overview iPrint provided by Brother Industries, Ltd. contains the following vulnerability. Improper use of an external cache directory CWE-524 - CVE-2025-64696 Johan Francsics reported this vulnerability to BROTHER INDUSTRIES, LTD. and coordinated. After the coordination, BROTHER INDUSTRIES, LTD...

CVE-2025-64696

CVE-2025-64696 affects the Android app Brother iPrint&Scan (versions 6.13.7 and earlier). The root cause is improper use of an external cache directory, which can allow malicious apps to access application-specific files. Impact stated in sources: application-specific files may be accessed by oth...

CVE-2025-64696

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...

CVE-2025-64696

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...

PT-2025-49824

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...

Microsoft Office 安全漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which is caused due to a type confusion flaw. An...

📄 Android 7 / 8 / 8.1 Pointer Disclosure

A flaw in Android's Binder IPC allowed applications to craft Parcels where binder-object metadata overlapped with string data. When unmarshalling, the kernel inserted genuine kernel pointers into attacker-controlled buffers. These could then be echoed back through services like clipboard, resulti...

CVE-2025-48590

CVE-2025-48590 affects the Android Framework component AppOpsService (verifyAndGetBypass). The issue describes a resource-exhaustion path that could allow a malicious local app to prevent dialing emergency services, causing local DoS without extra privileges or user interaction. Impact is limited...

Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features

Cybersecurity researchers have disclosed details of two new Android malware families dubbed FvncBot and SeedSnatcher , as another upgraded version of ClayRat has been spotted in the wild. The findings come from Intel 471, CYFIRMA, and Zimperium, respectively. FvncBot, which masquerades as a...

A week in security (December 1 – December 7)

Last week on Malwarebytes Labs: Leaks show Intellexa burning zero-days to keep Predator spyware running How scammers use fake insurance texts to steal your identity Canadian police trialing facial recognition bodycams Update Chrome now: Google fixes 13 security issues affecting billions Attackers...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from an improper input validation vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from improper input validation, which could lead to local elevation of privilege and background activity initiation...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. Google Android suffers from a buffer error vulnerability that stems from improper input validation and could lead to local elevation of privilege...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, an American company. A security vulnerability exists in Google Android that stems from a logic error that could lead to a local denial of service...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android, which stems from an error in code logic in the startAlwaysOnVpn method of the Vpn.java file, which causes the always-on VPN feature to be disable...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a logic error vulnerability that stems from a code logic error, and no details of the vulnerability are provided at this time...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a logic error vulnerability that stems from a logic error issue in Session.java, which can be exploited by an attacker to view images of other users on the...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android that stems from a logic error issue in Session.java that could lead to viewing images of other users on the device...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a competitive condition vulnerability that can be exploited by an attacker to cause bypassing of intent filters and local elevation of privilege...