55 matches found
EUVD-2019-6342
Malware in sbrugna...
EUVD-2009-3671
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-6448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The dalvikdisassemble function in libr/asm/p/asmdalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and...
Linux Distros Unpatched Vulnerability : CVE-2017-9520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The rconfigset function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a...
CVE-2019-15346
The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
CVE-2015-9547
An issue was discovered on Samsung mobile devices with JBP4.3 and KK4.4.2 software. Because the READLOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM," "Application not responding AN...
DroidLysis - Property Extractor For Android Apps
DroidLysis is a pre-analysis tool for Android apps: it performs repetitive and boring tasks we'd typically do at the beginning of any reverse engineering. It disassembles the Android sample, organizes output in directories, and searches for suspicious spots in the code to look at. The output help...
R2Frida - Radare2 And Frida Better Together
This is a self-contained plugin for radare2 that allows instrumenting remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well-maintained functionality and extending its features with other programming languages and tools. Frida is a...
Fedora: Security Advisory for enjarify (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: enjarify-1.0.3-35.fc40
Android applications are Java programs that run on a customized virtual machine, which is part of the Android operating system, the Dalvik VM. Their bytecode differs from the bytecode of normal Java applications. Enjarify can translate the Dalvik bytecode back to equivalent Java bytecode, which...
Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift as it incorporates the malicious components directly within the Flutter code," Fortinet FortiGuard Labs researcher Axelle Apvrille said in a report...
PT-2022-23135 · Rizin · Rizin
Name of the Vulnerable Software and Affected Versions: Rizin versions 0.4.0 and prior Description: The issue affects a UNIX-like reverse engineering framework and command-line toolset, allowing an attacker to execute code on a user's machine when a malicious DEX file is opened. This is due to an...
ASB-A-206090748
In multiple functions of odsignmain.cpp, there is a possible way to persist system attack due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
Warning — 5 New Trojanized Android Apps Spying On Users In Pakistan
Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade as apps such as the Pakistan Citizen Portal, a Muslim prayer-clock ap...
CVE-2020-25049
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. StatusBarService has insufficient DEX access control. The Samsung ID is SVE-2020-17797 August 2020...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with JBP4.3 and KK4.4.2 software. Because the READLOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM," "Application not responding AN...
GDA Android Reversing Tool - A New Decompiler Written Entirely In C++, So It Does Not Rely On The Java Platform, Which Is Succinct, Portable And Fast, And Supports APK, DEX, ODEX, Oat
Here, a new Dalvik bytecode decompiler, GDA (this project started in 2013 and released its first version 1.0 in 2015 at www.gda.com:9090), is proposed and implemented in C++ to provide more sophisticated, fast and convenient decompilation support. GDA is completely self-independent and very stabl...
Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System
An Obfuscation-Neglect Android Malware Scoring System. Concepts: Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way. W...
CVE-2019-15341
The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
Input validation
The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...