13 matches found
Samsung J6 Access Control Error Vulnerability
The Samsung J6 is a smartphone from the South Korean company Samsung Samsung. The com.samsung.android.themecenter app in the Samsung J6 build fingerprint: samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1: user/release-keys An access control error vulnerability exists. The vulnerability stems from...
Unspecified Vulnerability in Evercoss U50A
Evercoss U50A is a smartphone. A security vulnerability exists in the com.qiku.cleaner app in Evercoss U50A build fingerprint: EVERCOSS/U50A./EVERCOSS:7.0/NRD90M/1499911028:eng/test-keys. An attacker could exploit the vulnerability to modify system properties...
Xiaomi Mi Mix has an unspecified vulnerability
The Xiaomi Mi Mix is a smartphone from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in Xiaomi Mi Mix build fingerprint: Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys in Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1 A security vulnerability exists in...
Design/Logic Flaw
The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...
Authorization
The Allview X5 Android device with a build fingerprint of ALLVIEW/X5SoulMini/X5SoulMini:8.1.0/O11019/1522468763:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...
Design/Logic Flaw
The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000000, versionName=7.0.0.0 that allows other pre-installed apps to...
CVE-2019-15427
CVE-2019-15427 affects the Xiaomi Mi Mix on build Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys. A pre-installed package com.miui.powerkeeper (versionCode 40000, versionName 4.0.00) allows unauthorized wireless settings modification via a confused deputy attack. The vulnerability ca...
CVE-2019-15418
The CVE-2019-15418 entry concerns the ASUS_X00K_1 device running Android 7.0 with a pre-installed app (package com.lovelyfont.defcontainer, versionCode 5, versionName 5.0.1) that enables unauthorized command execution via a confused deputy attack. Affected component is the defcontainer app on the...
CVE-2019-15416
The CVE-2019-15416 entry details a vulnerability in the Sony keyaki_kddi Android device (build Sony/keyaki_kddi/keyaki_kddi:7.1.1/TONE3-3.0.0-KDDI-170517-0326/1:user/dev-keys) where a pre-installed app (com.kddi.android.packageinstaller, v70008 / 08.10.03) exposes an app component that allows oth...
CVE-2019-15404
Technical details (affected products, component, root cause, fixes) are not publicly provided in the connected documents. The CVE entry lacks concrete details in the supplied materials. Monitor for updates from vendor and CVE repositories.
CVE-2019-15397
The CVE-2019-15397 issue affects the Asus ZenFone Max 4 running Android (build asus/WW_Phone/ASUS_X00HD_4:7.1.1/NMF26F/14.2016.1803.373-20180308:user/release-keys). A pre-installed component in package com.asus.loguploaderproxy (versionCode 1570000020, versionName 7.0.0.4_170901) allows other pre...
CVE-2019-15393
The CVE-2019-15393 entry concerns Asus ZenFone Live devices where a pre-installed app (com.asus.atd.smmitest, versionCode=1, versionName=1) permits unauthorized wireless settings modification via a confused-deputy attack. The flaw is triggered by any app co-located on the device and represents a ...
CVE-2019-15378
The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGARay600/ELUGARay600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the...