Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-1326

Malware in sbrugna...

7.8CVSS7.7AI score0.00347EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2017/08/01 12:39 p.m.10 views

Amazon Halts Sale of Android Blu Phone Amid Spyware Concerns

Android phone maker Blu Products was dealt a blow Monday when Amazon said it would no longer sell its phones, citing security and privacy issues. The phone maker came under scrutiny last week by researchers at Kryptowire during a Black Hat session where they criticized the company for collecting...

1.2AI score
Exploits0References2
NVD
NVD
added 2017/01/13 9:59 a.m.15 views

CVE-2016-10138

An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute t...

7.8CVSS7.7AI score0.00378EPSS
Exploits0References3
Prion
Prion
added 2017/01/13 9:59 a.m.39 views

Design/Logic Flaw

An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute t...

7.2CVSS7.7AI score0.00378EPSS
Exploits0References3
Prion
Prion
added 2017/01/13 9:59 a.m.13 views

Design/Logic Flaw

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of...

7.2CVSS7.2AI score0.00347EPSS
Exploits0References3
NVD
NVD
added 2017/01/13 9:59 a.m.13 views

CVE-2016-10136

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the...

7.8CVSS7.6AI score0.00443EPSS
Exploits0References3
NVD
NVD
added 2017/01/13 9:59 a.m.17 views

CVE-2016-10139

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of...

7.8CVSS7.6AI score0.00347EPSS
Exploits0References3
NVD
NVD
added 2017/01/13 9:59 a.m.15 views

CVE-2016-10137

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the...

7.8CVSS7.5AI score0.00347EPSS
Exploits0References3
Prion
Prion
added 2017/01/13 9:59 a.m.15 views

Design/Logic Flaw

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the...

7.2CVSS7AI score0.00347EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/01/13 9:0 a.m.24 views

CVE-2016-10138

An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute t...

7.7AI score0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/01/13 9:0 a.m.18 views

CVE-2016-10136

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the...

7.6AI score0.00443EPSS
Exploits0References3
CVE
CVE
added 2017/01/13 9:0 a.m.44 views

CVE-2016-10139

The CVE-2016-10139 issue affects BLU R1 HD devices running Shanghai Adups software. The com.adups.fota.sysoper app declares android:sharedUserId as android.uid.system, allowing it to run as the privileged system user and grant additional permissions not listed in its manifest. This enables access...

7.8CVSS7.5AI score0.00347EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/01/13 9:0 a.m.49 views

CVE-2016-10137

CVE-2016-10137 affects BLU R1 HD devices running Shanghai Adups software. The vulnerability arises from the com.adups.fota.sysoper app (package com.adups.fota.sysoper) exposing InfoProvider to any app on the device, coupled with android:sharedUserId set to android.uid.system, causing execution as...

7.8CVSS7.4AI score0.00347EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/01/13 9:0 a.m.18 views

CVE-2016-10137

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.sysoper allows any app on the device to read, write, and delete files as the system user. In the...

7.5AI score0.00347EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/01/13 9:0 a.m.21 views

CVE-2016-10139

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of...

7.6AI score0.00347EPSS
Exploits0References3
CVE
CVE
added 2017/01/13 9:0 a.m.44 views

CVE-2016-10138

CVE-2016-10138 affects BLU Advance 5.0 and BLU R1 HD running Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and sets android:sharedUserId to android.uid.system, causing it to run as the system user. It exposes an exported broadcast receiver (com.adups.fota.sy...

7.8CVSS7.6AI score0.00378EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/01/13 9:0 a.m.45 views

CVE-2016-10136

CVE-2016-10136 affects BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper provider InfoProvider, in the com.adups.fota.sysoper app, sets android:sharedUserId to android.uid.system, enabling any app on the device to read, write, and delete files as the system user. This can...

7.8CVSS7.5AI score0.00443EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder