Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/04/04 5:37 a.m.8 views

@mobilenext/mobile-mcp: Arbitrary Android Intent Execution via mobile_open_url

Summary The mobileopenurl tool in mobile-mcp passes user-supplied URLs directly to Android's intent system without any scheme validation, allowing execution of arbitrary Android intents, including USSD codes, phone calls, SMS messages, and content provider access. Details The vulnerable code pass...

8.8CVSS6.3AI score0.00387EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/05/07 8:24 a.m.45 views

CVE-2025-20974

Summary: CVE-2025-20974 concerns Samsung’s PackageInstallerCN. Multiple connected sources confirm the issue is due to improper handling of insufficient permissions in PackageInstallerCN before version 15.0.11.0, enabling a local attacker to bypass user interaction for requested installations. Aff...

6.1CVSS6.1AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

SAMSUNG PackageInstallerCN 安全漏洞

SAMSUNG PackageInstallerCN is a package installer from Samsung South Korea. A security vulnerability exists in SAMSUNG PackageInstallerCN prior to version 15.0.11.0, which stems from mishandling of insufficient privileges, and could allow a local attacker to bypass user interaction for installati...

6.1CVSS6.3AI score0.00124EPSS
Exploits0References1
Metasploit
Metasploit
added 2020/03/04 4:2 a.m.43 views

Install Python for Windows

This module places an embeddable Python3 distribution onto the target file system, granting pentesters access to a lightweight Python interpreter. This module does not require administrative privileges or user interaction with installation prompts. This module requires Metasploit:...

0.2AI score
Exploits0
Rows per page
Query Builder