26 matches found
EUVD-2015-2117
Malware in sbrugna...
EUVD-2015-2133
Malware in sbrugna...
EUVD-2015-2116
Malware in sbrugna...
MetaIO SDK for Android Arbitrary Code Execution Vulnerability
MetaIO SDK for Android is a software development kit for building augmented reality applications based on the Android platform. A security vulnerability exists in versions of MetaIO SDK for Android prior to 6.0.2.1. The vulnerability can be exploited to execute arbitrary code via the finalize...
Jumio SDK for Android Arbitrary Code Execution Vulnerability
Jumio SDK for Android is a software development kit for building authentication applications using biometrics based on the Android platform. A security vulnerability exists in versions of Jumio SDK for Android prior to 1.5.0. The vulnerability can be exploited to execute arbitrary code via the...
GraceNote GNSDK SDK for Android Arbitrary Code Execution Vulnerability
GraceNote GNSDK SDK for Android is a software development kit for building music applications based on the Android platform that recognizes CDs, digital music files, streaming audio, and more. A security vulnerability exists in versions of GraceNote GNSDK SDK for Android prior to 1.1.7. An attack...
CVE-2015-2020
The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2001
The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2002
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2000
The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
Code injection
The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
Summary: CVE-2015-2003 affects the PJSIP PJSUA2 SDK for Android prior to SVN Changeset 51322. The underlying issue is in a Serializable class’s finalize method, which improperly passes an attacker-controlled pointer to a native function, enabling arbitrary code execution. Documents consistently d...
CVE-2015-2004
The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...
CVE-2015-2003
The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function...