Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-26131
Element Android is an Android Matrix Client. Element Android version 1.4.3 up to and including 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activity by passing some extra parameters. Possible impact includes making...
NA
CVE-2024-26132
Element Android is an Android Matrix Client. A third-party malicious application installed on the same phone can force Element Android, version 0.91.0 up to and including 1.6.12, to share files stored under the `files` directory in the application's private data directory to...
5.5
CVSSv3
CVE-2021-46935
In the Linux kernel, the following vulnerability has been resolved: binder: fix async_free_space accounting for empty parcels In 4.13, commit 74310e06be4d ("android: binder: Move buffer out of area shared with user space") fixed a kernel structure visibility issue. As p...
Linux Linux Kernel
NA
CVE-2024-27350
Amazon Fire OS 7 prior to 7.6.6.9 and 8 prior to 8.1.0.3 allows Fire TV applications to establish local ADB (Android Debug Bridge) connections. NOTE: some third parties dispute whether this has security relevance, because an ADB connection is only possible after the (non-default)...
NA
CVE-2022-42443
An undisclosed issue in Trusteer iOS SDK for mobile versions before 5.7 and Trusteer Android SDK for mobile versions before 5.7 may allow uploading of files. IBM X-Force ID: 238535.
NA
CVE-2024-25466
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local malicious user to execute arbitrary code via a crafted script to the Android library component.
1 Github repository
NA
CVE-2024-0390
INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters o...
5
CVSSv3
CVE-2024-21374
Microsoft Teams for Android Information Disclosure Vulnerability
Microsoft Teams
8.8
CVSSv3
CVE-2023-6724
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0....
Simgesel Hearing Tracking System
7.8
CVSSv3
CVE-2024-22012
there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »