Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android api vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2020-25065
An issue exists on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Key logging may occur because of an obsolete API. The LG ID is LVE-SMP-170010 (August 2020).
Google Android 7.1.0
Google Android 6.0
Google Android 7.0
Google Android 5.0
Google Android 4.4
Google Android 8.0
Google Android 5.1
Google Android 8.1
Google Android 9.0
Google Android 10.0
4.3
CVSSv2
CVE-2020-16168
Origin Validation Error in temi Robox OS before 120, temi Android app up to 1.3.7931 allows remote malicious users to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.
Robotemi Temi Firmware
6.8
CVSSv2
CVE-2020-5604
Android App 'Mercari' (Japan version) prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView.
Mercari Mercari
5
CVSSv2
CVE-2020-15579
An issue exists on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via the KNOX API. The Samsung ID is SVE-2020-17318 (July 2020).
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
4.3
CVSSv2
CVE-2019-16252
Missing SSL Certificate Validation in the Nutfind.com application up to and including 3.9.12 for Android allows a man-in-the-middle malicious user to sniff and manipulate all API requests, including login credentials and location data.
Nutfind Nutfind
5
CVSSv2
CVE-2016-11058
The NETGEAR genie application prior to 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.
Netgear Genie
5
CVSSv2
CVE-2017-18658
An issue exists on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows malicious users to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
Google Android 6.0
5
CVSSv2
CVE-2017-18669
An issue exists on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June 2017).
Google Android 7.1.0
Google Android 7.1.2
Google Android 7.0
Google Android 7.1.1
7.8
CVSSv2
CVE-2017-18679
An issue exists on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).
Google Android 6.0
2.1
CVSSv2
CVE-2019-5634
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC. Communications to the internet API services and direct connections to the lock via Bluetooth Low Energy (BLE) from the mobile applic...
Belwith-keeler Hickory Smart
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »