EUVD-2017-17139

Malware in sbrugna...

CVE-2025-43260

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps...

CVE-2025-43260

CVE-2025-43260 affects Apple macOS Sequoia (15.6) and macOS Sonoma (14.7.7). The issue could allow an app to hijack entitlements granted to other privileged apps, representing a local-attack surface with low confidentiality/ integrity impact per the provided metrics. The vulnerability is mitigate...

CVE-2023-34157

Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app...

CVE-2022-20475

In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

CVE-2022-20475

CVE-2022-20475 is an Elevation of Privilege vulnerability in Android (affecting Android-11 through Android-13) tied to ResetTargetTaskHelper.java tests. It enables hijacking of apps that set allowTaskReparenting="true" via a confused deputy, leading to local privilege escalation with no additiona...

CVE-2022-20475

In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

CVE-2022-20475

In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

Application Hijacking Vulnerability in Beijing Traffic Police Android Client

Beijing Traffic Police APP is used to handle traffic control business processing and information services. An application hijacking vulnerability exists in the Beijing Traffic Police Android client. An attacker can exploit this vulnerability to obtain sensitive information...

CVE-2017-8177

Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking...

Lack of signature authentication vulnerability in some Huawei apps

Some Huawei APPs are vulnerable to lack of signature verification. Since some Huawei APPs do not support APK file signature verification. Attackers can use this vulnerability to hijack and replace APK files. Successful exploitation can lead to APP hijacking...

Affect tens of millions of APP the Android APP“parasitic beast”vulnerability technical analysis-vulnerability warning-the black bar safety net

3 6 0 mobile security research team vulpecker recently discovered a new Android app security vulnerabilities, the market tens of millions of apps are affected by the vulnerability. The vulnerability once attacker, it can be directly on the user's mobile phone implanted Trojans to steal the user's...