EUVD-2021-26326

Malware in sbrugna...

EUVD-2022-30988

Malicious code in bioql PyPI...

CVE-2023-46763

Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously...

CVE-2021-39970

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission...

CVE-2021-37079

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by systemapp permission...

ASB-A-300904123

In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...

PT-2023-28530 · Unisoc (Shanghai) Technologies Co. +1 · Sc7731E/Sc9832E/Sc9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 +1

Name of the Vulnerable Software and Affected Versions: Firewall service affected versions not specified Description: The issue is related to a missing permission check in the firewall service, which could allow writing permission usage records of an app. This may lead to local information...

CVE-2023-32357

CVE-2023-32357 is an authorization issue affecting Apple platforms. The root cause is improved state management that prevents proper revocation of access, allowing an app to retain access to system configuration files after permissions are revoked. Affected products include watchOS, tvOS, and var...

GHSA-83VP-6JQG-6CMR Incorrect Authentication in shopware

Impact Modify Customers, create Orders without App Permission Patches We recommend updating to the current version 6.4.8.2. You can get the update to 6.4.8.2 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For older...

Incorrect Authentication in shopware

Impact Modify Customers, create Orders without App Permission Patches We recommend updating to the current version 6.4.8.2. You can get the update to 6.4.8.2 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For older...

CVE-2021-39970

HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission...

CVE-2021-37079

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by systemapp permission...

PT-2021-21498 · Huawei · Huawei Smartphone

Name of the Vulnerable Software and Affected Versions: Huawei Smartphone affected versions not specified Description: The issue is related to an Improper Input Validation vulnerability. Successful exploitation of this vulnerability may lead to the deletion of arbitrary files by system app...

Privilege escalation

A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller SHC before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have...

Android IMSI-Catcher Detector: AIMSICD

AIMSICD is an app to detect IMSI-Catchers . IMSI-Catchers are false mobile towers base stations acting between the target mobile phones and the real towers of service providers. As such they are considered a Man-In-The-Middle MITM attack. In the USA the IMSI-Catcher technology is known under the...