Full TrustZone

A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment...

APK unchecked name

APK signature verification does not check name lengths correctly, creating a difference between how the zip files are verified compared with how they are extracted which allows files in an existing APK to be replaced with new files. Exploited by RockMyMoto...

certifi-gate

Certifi-gate is a set of vulnerabilities in the authorization methods between mobile Remote Support Tool mRST apps and system-level plugs on a device. mRSTs allow remote personnel to offer customers personalized technical support for their devices by replicating a device’s screen and by simulatin...

Volez

Ability to modify a signed OTA recovery package due to an error in the signature verifier...

Mtkfb

Memory write vulnerabilities allow a local user to gain privileges...

StumpRoot

Vulnerability affecting LG devices released between 2012 and 2014...

Fake ID

The software does not properly validate an application's certificate chain. An application can supply a specially crafted application identity certificate to impersonate a privileged application and gain access to vendor-specific device administration extensions. The vulnerability resides in the...

Z2 root exploit

A system vulnerability enables users to obtain root access to some Sony devices via the shell...

APK unsigned shorts

File offsets in zips are supposed to be unsigned but were interpreted as signed allowing different content to be verified from the content executed...

camera-isp - camera-sysr - Vcodec

An exploit on MTK-based devices using the Framaroot app. Actually consists of three exploits: Boromir camera-isp, Faramir camera-sysr and Barahir Vcodec...

LG Lit

Bug in LG backlight driver allows gaining root from local user...

Sensord local root

A vulnerability exploiting the sensord daemon, which runs as root on some devices...