Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-20545
An issue exists on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. A buffer overflow in the HDCP Trustlet affects secure TEEGRIS memory. The Samsung ID is SVE-2019-15283 (November 2019).
Google Android 8.0
Google Android 8.1
Google Android 9.0
10
CVSSv2
CVE-2020-10837
An issue exists on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020).
Google Android 9.0
Google Android 10.0
10
CVSSv2
CVE-2020-10848
An issue exists on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
10
CVSSv2
CVE-2020-10850
An issue exists on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
10
CVSSv2
CVE-2019-14514
An issue exists in Microvirt MEmu all versions before 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-sour...
Microvirt Memu
1 Github repository
10
CVSSv2
CVE-2020-8001
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.
Intelliantech Aptus 1.0.2
10
CVSSv2
CVE-2019-9493
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the malicious user to learn the location of...
Mycarcontrols Mycar Controls
10
CVSSv2
CVE-2019-16273
DTEN D5 and D7 prior to 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executin...
Dten D5 Firmware
Dten D7 Firmware
10
CVSSv2
CVE-2019-2036
In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
10
CVSSv2
CVE-2019-2204
In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product...
Google Android 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »