gt4-play.co.uk Cross Site Scripting vulnerability OBB-3728897

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-21266

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21266

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Design/Logic Flaw

In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21266

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

UBUNTU-CVE-2023-21266

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21266

CVE-2023-21266 affects Android’s ActivityManagerService.java, describing a permissions bypass that could enable local escalation of privilege with no additional execution privileges required. Exploitation is stated to require no user interaction. The connected documents consistently frame this as...

PT-2023-18047 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a permissions bypass in the killBackgroundProcesses function of ActivityManagerService.java, which could allow escaping Google Play protection. This might lead to...

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. Google Android suffers from a security vulnerability that originates in killBackgroundProcesses in ActivityManagerService.java, which can be exploited to evade Google Play protections via privilege...

Android 14 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 14. Android 14 devices with a security patch level of 2023-10-01 or later are protected against these issues Android 14 , as released on AOSP, will hav...

Android Security Bulletin—October 2023Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-10-06 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

CVE-2022-47848

An issue was discovered in Bezeq Vtech NB403-IL version BZ2.02.07.09.13.01 and Vtech IAD604-IL versions BZ2.02.07.09.13.01, BZ2.02.07.09.13T, and BZ2.02.07.09.09T, allows remote attackers to gain sensitive information via rootDesc.xml page of the UPnP service...

D-Link DIR-619L /bin/mini_upnpd Buffer Overflow Vulnerability

D-Link DIR-619L is a home wireless router from AUO D-Link, designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from improper inpu...

Fake Signal and Telegram Apps in the Google Play Store

Google removed fake Signal and Telegram apps from its Play store. An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also...

Minor update(2) for Vivaldi Android Browser 6.2

Head to the Google Play Store and download the browser. Alternatively, you can download Vivaldi from Uptodown, the Android app store. Your rating for our browser matters. ⭐️ ⭐️ ⭐️ ⭐️ ⭐️ Enjoy! Changelog The following is a list of changes since the first 6.2 stable, minor update: Chromium Upgraded...

Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and...

Evil Telegram doppelganger attacks Chinese users

UPDATE 11.09.2023. Google has informed us that all the apps were deleted from the Google Play store A while ago we discovered a bunch of Telegram mods on Google Play with descriptions in traditional Chinese, simplified Chinese and Uighur. The vendor says these are the fastest apps which use a...

Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw

Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android...

How to add custom app icon in Android Play Store applications

...

China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor...