Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android sdk vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-20906
In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escalation of privilege after updating an app to a higher Target SDK with no addition...
Google Android 11.0
Google Android 12.0
Google Android 12.1
Google Android 13.0
7.3
CVSSv3
CVE-2023-0460
The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a remote context is created with the flags Context.CONTEXT_INCLUDE_CODE | Context.CONTEXT_IGNORE_SECURITY. This allows the client app to remotely load code from YouTube Main App by retriev...
Google Youtube Android Player Api
7.8
CVSSv3
CVE-2021-23243
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used.
Google Android 11.0
7.5
CVSSv3
CVE-2021-25417
Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.
Google Android 9.0
Google Android 10.0
4.7
CVSSv3
CVE-2020-7744
This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachme...
Mintegral Mintegraladsdk -
5.5
CVSSv3
CVE-2020-0106
In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...
Google Android 10.0
1 Article
9.8
CVSSv3
CVE-2016-11038
An issue exists on Samsung mobile devices with software through 2016-04-05 (incorporating the Samsung Professional Audio SDK). The Jack audio service doesn't implement access control for shared memory, leading to arbitrary code execution or privilege escalation. The Samsung ...
Google Android -
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
123 Github repositories
NA
CVE-2015-5567
Adobe Flash Player prior to 18.0.0.241 and 19.x prior to 19.0.0.185 on Windows and OS X and prior to 11.2.202.521 on Linux, Adobe AIR prior to 19.0.0.190, Adobe AIR SDK prior to 19.0.0.190, and Adobe AIR SDK & Compiler prior to 19.0.0.190 allow malicious users to execute arbi...
Adobe Flash Player 15.0.0.167
Adobe Flash Player 15.0.0.189
Adobe Flash Player 14.0.0.145
Adobe Flash Player 14.0.0.176
Adobe Flash Player 15.0.0.246
Adobe Flash Player 16.0.0.235
Adobe Flash Player 17.0.0.190
Adobe Flash Player 17.0.0.191
Adobe Flash Player 14.0.0.179
Adobe Flash Player 15.0.0.152
Adobe Flash Player 16.0.0.257
Adobe Flash Player 16.0.0.287
Adobe Flash Player 18.0.0.160
Adobe Flash Player 18.0.0.194
Adobe Flash Player 16.0.0.296
Adobe Flash Player 17.0.0.134
Adobe Flash Player 18.0.0.203
Adobe Flash Player 18.0.0.209
Adobe Flash Player 18.0.0.232
Adobe Flash Player
Adobe Flash Player 14.0.0.125
Adobe Flash Player 15.0.0.223
NA
CVE-2015-5568
Adobe Flash Player prior to 18.0.0.241 and 19.x prior to 19.0.0.185 on Windows and OS X and prior to 11.2.202.521 on Linux, Adobe AIR prior to 19.0.0.190, Adobe AIR SDK prior to 19.0.0.190, and Adobe AIR SDK & Compiler prior to 19.0.0.190 allow malicious users to cause a deni...
Adobe Flash Player
Adobe Flash Player 14.0.0.125
Adobe Flash Player 15.0.0.223
Adobe Flash Player 15.0.0.239
Adobe Flash Player 17.0.0.188
Adobe Flash Player 17.0.0.190
Adobe Flash Player 14.0.0.179
Adobe Flash Player 15.0.0.152
Adobe Flash Player 16.0.0.257
Adobe Flash Player 16.0.0.287
Adobe Flash Player 18.0.0.194
Adobe Flash Player 18.0.0.203
Adobe Flash Player 14.0.0.145
Adobe Flash Player 14.0.0.176
Adobe Flash Player 15.0.0.246
Adobe Flash Player 16.0.0.235
Adobe Flash Player 17.0.0.191
Adobe Flash Player 18.0.0.160
Adobe Flash Player 15.0.0.167
Adobe Flash Player 15.0.0.189
Adobe Flash Player 16.0.0.296
Adobe Flash Player 17.0.0.134
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »