EUVD-2019-6342

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-6448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dalvikdisassemble function in libr/asm/p/asmdalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service stack-based buffer overflow and...

Linux Distros Unpatched Vulnerability : CVE-2017-9520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rconfigset function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a...

CVE-2019-15346

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

The vulnerability of the zlib compression library in the “Avora” operating system allows a hacker to cause a service failure or have an unpredictable impact.

The vulnerability of the zlib compression library in the “Avora” operating system is related to integer overflows. Exploiting this vulnerability can allow attackers to cause service failures or have unpredictable effects using specially crafted .apk or .dex files...

CVE-2019-15341

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

Input validation

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

CVE-2019-15350

The CVE-2019-15350 entry describes a vulnerability on Tecno Camon Android devices where a pre-installed platform app (com.lovelyfont.defcontainer, versionCode 7) exposes an exported service (com.lovelyfont.manager.service.FunctionService) that allows any local app to supply a Dex file path, which...

CVE-2019-15346

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

Joker Spyware Found in 24 Google Play Apps

A new spyware has been making the rounds in Android apps on Google Play, infecting victims post-download to steal their SMS messages, contact lists and device information. In addition to stealing victims’ information, the malware also stealthily signs them up for premium service subscriptions tha...

UBUNTU-CVE-2018-10187

In radare2 2.5.0, there is a heap-based buffer over-read in the dalvikop function libr/anal/p/analdalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was patched earlier...

CVE-2018-8809

In radare2 2.4.0, there is a heap-based buffer over-read in the dalvikop function of analdalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file...

UBUNTU-CVE-2017-6448

The dalvikdisassemble function in libr/asm/p/asmdalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted DEX file...

The vulnerability of the Kaspersky Anti-Virus antivirus protection allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of Kaspersky Anti-Virus lies in the insufficient processing of a specific format string, which leads to buffer overflows. Exploiting this vulnerability can allow an attacker to cause service interruptions or execute arbitrary code using DEX files during the antivirus software’s...