
CVE-2020-0001

Published: 08/01/2020 Updated: 21/07/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 643
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

In getProcessRecordLocked of ActivityManagerService.java, isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android-8.0, Android-8.1, Android-9, and Android-10
Android ID: A-140055304

Vulnerable Product

google android 8.0

google android 8.1

google android 9.0

google android 10.0

Github Repositories

PoC for CVE-2021-39749, allowing starting arbitrary Activity on Android 12L Beta

This is PoC for CVE-2021-39749, which allows starting activities of other apps on Android 12L Beta regardless of their permission and exported settings. In Android 12L, TaskFragmentOrganizer access (intentionally) no longer requires MANAGE_ACTIVITY_TASKS permission. Using app provided here requires disabling Hidden API Checks, you can do so through adb shell settings put global hi

Utilities for manipulating CVSS vulnerability metric

CVSS: A utility for reporting and manipulating CVSS v3 metrics. The motivation for this tool came from looking for a simple command line tool to report the CVSS base score metric for a given CVE and asking the question 'how does that score apply in my environment'. The CVSS V3 specification includes a modify base score string to address this question. This utility extra

Markdown Badges for github to display a CVE

CVE badge for Github / Markdown. Summary: This online tool allows you to add a CVE Badge to your repository. The only thing to do is to place the following line in markdown file in order to include the CVE badge. Replace the id with your CVE ID: ![cve](cve-badgeli/CVE-2023-0732) On Stackoverflow or other platform, the link can be a

POC to run system component in an untrusted-app process

CVE-2020-0001: POC to run system component in an untrusted-app process. Blog: zachiniocom/blogs/cve-2020-0001. How to use: Run the app, make sure the process "comandroidsettings" does not exist, and click the "start service" button. Launch the settings app or wait for a system component to launch it for you.

A Ruby library for parsing the CVE JSON in the cvelist git repository

cvelist. Description: A Ruby library for parsing the CVE JSON in the cvelist git repository. Features: Supports downloading/updating cvelist Git repository. Supports CVE JSON Schema v40. Uses multi_json for configurable JSON parser. Examples: require 'cvelist' Cloning the cvelist repository: repo