CVE-2017-0809

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128...

Full TrustZone

A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment...

certifi-gate

Certifi-gate is a set of vulnerabilities in the authorization methods between mobile Remote Support Tool mRST apps and system-level plugs on a device. mRSTs allow remote personnel to offer customers personalized technical support for their devices by replicating a device’s screen and by simulatin...

Fake ID

The software does not properly validate an application's certificate chain. An application can supply a specially crafted application identity certificate to impersonate a privileged application and gain access to vendor-specific device administration extensions. The vulnerability resides in the...

Z2 root exploit

A system vulnerability enables users to obtain root access to some Sony devices via the shell...

Volez

Ability to modify a signed OTA recovery package due to an error in the signature verifier...

StumpRoot

Vulnerability affecting LG devices released between 2012 and 2014...

APK unsigned shorts

File offsets in zips are supposed to be unsigned but were interpreted as signed allowing different content to be verified from the content executed...

camera-isp - camera-sysr - Vcodec

An exploit on MTK-based devices using the Framaroot app. Actually consists of three exploits: Boromir camera-isp, Faramir camera-sysr and Barahir Vcodec...

LG Lit

Bug in LG backlight driver allows gaining root from local user...

Mtkfb

Memory write vulnerabilities allow a local user to gain privileges...

Sensord local root

A vulnerability exploiting the sensord daemon, which runs as root on some devices...