2022 matches found
Palm Zhenyi app design loophole
Palm ZJI APP is a mobile application developed by the First Hospital Affiliated to Zhejiang University School of Medicine ZJU-S1 to alleviate the tediousness of traditional medical consultation time. A design vulnerability exists in the Palm ZJI App. An attacker can bypass the check by constructi...
CVE-2016-3898
Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service loss of locked-screen 911 TTY functionality via a crafted application that modifies the TTY mode by broadcasting an intent, aka internal bug...
UBUNTU-CVE-2016-3898
Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service loss of locked-screen 911 TTY functionality via a crafted application that modifies the TTY mode by broadcasting an intent, aka internal bug...
The vulnerability of the Android operating system allows a hacker to increase the priority of the intent-filter filter.
The vulnerability in the services/core/java/com/android/server/pm/PackageManagerService.java file of the Android operating system’s API is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to increase the priority of the intent-filter filter through a specially...
CVE-2015-3854
packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350...
CVE-2015-3854
packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350...
CVE-2016-2497
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
Code injection
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
CVE-2016-2497
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
UBUNTU-CVE-2016-2497
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
Unspecified Vulnerability in Lenovo SHAREit
Lenovo SHAREit 茄子快传 on Android is a set of file-sharing software based on the Android platform by the Chinese company Lenovo Lenovo. An unspecified vulnerability exists in Lenovo SHAREit versions prior to 3.5.98ww, based on Android platforms prior to version 4.2. A remote attacker can exploit thi...
CVE-2016-4782
Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...
CVE-2016-4782
Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...
Code injection
Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...
CVE-2016-4782
Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...
CVE-2016-4782
The connected Lenovo advisory confirms CVE-2016-4782 affects SHAREit for Android versions older than 3.5.98_ww on devices running Android
Double free
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...
CVE-2013-7455
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...
CVE-2013-7455
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...
USN-2961-1 lcms2 vulnerability
It was discovered that a double free could occur when the intent handling code in the Little CMS library detected an error. An attacker could use this to specially craft a file that caused an application using the Little CMS library to crash or possibly execute arbitrary code...