6 matches found
EUVD-2022-33216
Malicious code in bioql PyPI...
CVE-2022-28777
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALLPHONE permission...
Samsung Members Access Control Error Vulnerability
Samsung Members is a community platform app from Samsung South Korea, Inc. An access control error vulnerability exists in versions prior to Samsung Members 13.6.08.5, which stems from a lack of proper access validation logic. A local attacker could exploit the vulnerability to execute the call...
CVE-2022-28777
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALLPHONE permission...
Security Advisory - Remote Security Bypass Vulnerability on Huawei Android Devices
Android version 4.1.1 - 4.4.2 is prone to a remote security bypass vulnerability CVE-2013-6272: A vulnerability in the Android system allows an attacker to initiate or terminate arbitrary calls without the callphone permission. After investigation, we confirm that some Huawei smartphone and table...
InMobi Ad SDK javaScript绑定不安全WebView内容加载漏洞
InMobi Ad SDK是一款广告软件开发包。 InMobi Ad SDK不正确使用JavaScript绑定并通过HTTP来加载WebView内容,允许可通过中间人攻击的攻击者调用某些Java方法,如应用程序使用的SDK拥有'CALLPHONE'权限的话,可未经用户同意调用任意电话号码。 0 InMobi Ad SDK 3.6.2 InMobi Ad SDK 4.0.2 InMobi Ad SDK 4.0.3已经修复该漏洞,建议用户下载更新: http://www.inmobi.com/products/sdk/...