Malicious Package

Overview Modern.Winform.UI is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machin...

Malicious Package

Overview Kraken.Exchange is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine,...

CVE-2023-41310

Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background...

Huawei HarmonyOS Resource Management Error Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation o...

CVE-2023-21129

In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed fo...

PT-2023-17750 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to the getSliceEndItem function in MediaVolumePreferenceController.java, where an unsafe PendingIntent could allow starting a foreground activity from the background. This could le...

CVE-2022-20356

In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

PT-2022-23747 · Systemui · Systemui

Name of the Vulnerable Software and Affected Versions: SystemUI affected versions not specified Description: The issue is related to a privilege escalation vulnerability in the SystemUI module. This vulnerability can be exploited by malicious applications to pop up windows or run in the backgroun...

HUAWEI HarmonyOS 安全漏洞

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in HUAWEI HarmonyOS version 2.0, which stems from an override vulnerability in the SystemUI module, whic...

ASB-A-140108616

In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Apple iOS kernel security bypass vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices. kernel is one of the kernel components. A security vulnerability exists in the kernel of Apple iOS versions prior to 8.4.1, which stems from a failure of the program to properly restrict debugging functionality. An...

Input validation

The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app...

Siemens SIMATIC WinCC Sm@rtClient app Local Security Bypass Vulnerability

Siemens SIMATIC WinCC is the monitoring control and data acquisition SCADA and HMI system. A security bypass vulnerability exists in previous versions of the Siemens SIMATIC WinCC Sm@rtClient app that allows a local user to bypass predetermined application password requirements by running the...