Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android api vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-16168
Origin Validation Error in temi Robox OS before 120, temi Android app up to 1.3.7931 allows remote malicious users to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.
Robotemi Temi Firmware
605
VMScore
CVE-2020-5604
Android App 'Mercari' (Japan version) prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView.
Mercari Mercari
445
VMScore
CVE-2020-15579
An issue exists on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via the KNOX API. The Samsung ID is SVE-2020-17318 (July 2020).
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
383
VMScore
CVE-2019-16252
Missing SSL Certificate Validation in the Nutfind.com application up to and including 3.9.12 for Android allows a man-in-the-middle malicious user to sniff and manipulate all API requests, including login credentials and location data.
Nutfind Nutfind
445
VMScore
CVE-2016-11058
The NETGEAR genie application prior to 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.
Netgear Genie
694
VMScore
CVE-2017-18679
An issue exists on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).
Google Android 6.0
445
VMScore
CVE-2017-18669
An issue exists on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June 2017).
Google Android 7.0
Google Android 7.1.0
Google Android 7.1.1
Google Android 7.1.2
445
VMScore
CVE-2017-18658
An issue exists on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows malicious users to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
Google Android 6.0
187
VMScore
CVE-2019-5634
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile applic...
Belwith-keeler Hickory Smart
668
VMScore
CVE-2019-11709
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulner...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Opensuse Leap 15.0
Opensuse Leap 15.1
Suse Package Hub -
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »