CVE-2023-30700

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission...

CVE-2023-30700

The CVE-2023-30700 issue affects the Android/Samsung framework component SemWifiApTimeOutImpl, where a PendingIntent hijacking vulnerability could allow local attackers to access a ContentProvider without proper permission. Concrete details found in connected sources indicate affected framework v...

CVE-2023-30700

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission...

ASB-A-236688380

In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2020-1905

Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is...

Default credentials

The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the...

Canon PRINT 2.5.5 URI Injection

Exploit Title: Content Provider URI Injection on Canon PRINT 2.5.5 CVE-2019-14339 Date: 24th July, 2019 Exploit Author: 0x48piraj Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home/explore/printing-innovations/mobile-printing/canon-print-app Software Link:...

Exploit for CVE-2019-14339

CVE-2019-14339 Content Provider URI Injection on Canon PRINT...

CVE-2018-9548

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

Design/Logic Flaw

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

CVE-2018-9548

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

CVE-2018-9548

CVE-2018-9548 affects Android: multiple ContentProvider.java functions allow a permission bypass due to missing URI validation, enabling local information disclosure without user interaction. Vulnerable in Android 7.0–7.1.2, 8.0–8.1, and 9.0. Mitigation is to apply patches from the 2018-12-01/12-...

Code injection

The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents...

PayBox - Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application PayBox published at the 'play' market has multiple vulnerabilities...

Udacity - Lifelong Learning - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Udacity - Lifelong Learning published at the 'play' market has multiple vulnerabilities...

CryptoShield - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application CryptoShield published at the 'play' market has multiple vulnerabilities...

Endless Frontier Saga – RPG Online - Certificates or keys found, Corrupted files, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Endless Frontier Saga – RPG Online published at the 'play' market has multiple vulnerabilities...

Flash Keyboard - Emoji & Theme - Dangerous filesystem permissions, Exported ContentProvider, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application Flash Keyboard - Emoji & Theme published at the 'play' market has multiple vulnerabilities...

VK - Certificates or keys found, Exported ContentProvider, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application VK published at the 'play' market has multiple vulnerabilities...

Упражнения для глаз PRO *FREE - Base64 encoded String, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Упражнения для глаз PRO FREE published at the 'play' market has multiple vulnerabilities...