1919 matches found
An Empirical Comparison of Security and Privacy Characteristics of Android Messaging Apps
Mobile messaging apps are a fundamental communication infrastructure, used by billions of people every day to share information, including sensitive data. Security and Privacy are thus critical concerns for such applications. Although the cryptographic protocols prevalent in messaging apps are...
EUVD-2021-10343
Malware in sbrugna...
CVE-2021-23244
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission...
PUB-A-225880325
In updatePermissionTreeSourcePackage of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti...
CVE-2023-20971
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
PT-2023-17759 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a logic error in the removePermission method of PermissionManagerServiceImpl.java, which could allow obtaining dangerous...
PurplePanda - Identify Privilege Escalation Paths Within And Across Different Clouds
This tool fetches resources from different cloud/saas applications focusing on permissions in order to identifyprivilege escalation paths and dangerous permissions in the cloud/saas configurations. Note that PurplePanda searches both privilegesescalation paths within a platform and across...
CVE-2021-23244
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission...
Design/Logic Flaw
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission...
CVE-2021-23244
ColorOS is affected by a vulnerability where dangerous permissions are pre-granted to apps listed in a whitelist XML named default-grant-permissions. If an app from the whitelist is not installed, an attacker can masquerade with the same package name to obtain those dangerous permissions. The iss...
CVE-2021-23244
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission...
OPPO ColorOS 安全漏洞
OPPO ColorOS is a suite of Android-based operating systems for mobile devices from China's OPPO Guangdong Mobile Communications OPPO. ColorOS suffers from a security vulnerability that stems from ColorOS pre-granting dangerous permissions to applications listed in a whitelisted xml named...
CVE-2021-25428
Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances...
CVE-2021-25428
Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances...
Input validation
Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances...
CVE-2021-25428
Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances...
100s of Flashlight apps on Play Store ask for dangerous permissions
By Sudais Just now Avast has released a report that details an analysis of 937 flashlight apps on Google's Play Store and the variety of permissions that they seek which can be categorized into the following. This is a post from HackRead.com Read the original post: 100s of Flashlight apps on Play...
More than Half of Android apps ask for dangerous permissions. Is yours among?
By John Mason It wasn’t very long ago that I revealed that most free VPN services are provided as a front for the big corporations running them to collect user that. Spurred by the findings of that study, I decided to dig deeper to see how much of a threat, especially when it comes to user data,...
biFoto - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application biFoto published at the 'play' market has multiple vulnerabilities...
90 numbers - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application 90 numbers published at the 'play' market has multiple vulnerabilities...