18 matches found
EUVD-2018-6883
Malware in sbrugna...
EUVD-2018-6882
Malware in sbrugna...
EUVD-2018-6884
Malware in sbrugna...
CVE-2018-15000
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot versionCode=1, versionName=3.0.0. This app contains an exported service named...
CVE-2018-15000
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot versionCode=1, versionName=3.0.0. This app contains an exported service named...
Directory traversal
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot versionCode=1, versionName=3.0.0. This app contains an exported service named...
CVE-2018-15000
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot versionCode=1, versionName=3.0.0. This app contains an exported service named...
CVE-2018-15000
CVE-2018-15000 — Concrete details exist: on Vivo V7 devices (build vivo/1718/1718:7.1.2/N2G47H/...) a platform app with package name com.vivo.smartshot includes an exported service ScreenRecordService that can record the screen for 60 minutes and write the resulting MP4 to a location chosen by th...
Code injection
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app versionCode=25, versionName=7.1.2 that contains an...
Design/Logic Flaw
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest versionCode=1, versionName=1.0 containing an exported activity app component named com.vivo.bsptest.BSPTestActivity...
CVE-2018-15001
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest versionCode=1, versionName=1.0 containing an exported activity app component named com.vivo.bsptest.BSPTestActivity...
CVE-2018-15001
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest versionCode=1, versionName=1.0 containing an exported activity app component named com.vivo.bsptest.BSPTestActivity...
CVE-2018-15002
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app versionCode=25, versionName=7.1.2 that contains an...
CVE-2018-15002
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app versionCode=25, versionName=7.1.2 that contains an...
CVE-2018-15001
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest versionCode=1, versionName=1.0 containing an exported activity app component named com.vivo.bsptest.BSPTestActivity...
CVE-2018-15002
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app versionCode=25, versionName=7.1.2 that contains an...
CVE-2018-15001
The CVE-2018-15001 entry concerns the Vivo V7 Android device (build vivo/1718/1718:7.1.2/N2G47H/...) where a platform app with package com.vivo.bsptest (BSPTestActivity, versionCode 1, versionName 1.0) exposes an exported activity that lets any co-located app initiate writing of logcat, Bluetooth...
CVE-2018-15002
Summary: CVE-2018-15002 affects the Vivo V7 on specific build fingerprints. The issue arises because the com.qualcomm.qti.modemtestmode.MbnTestService, exposed by the modemtestmode app, lets any co-located app supply key–value pairs to set system properties as the com.android.phone user. A key de...