CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-3901
https://notcve.org/view.php?id=CVE-2011-3901
Android SQLite Journal before 4.0.1 has an information disclosure vulnerability. Android SQLite Journal versión anterior a 4.0.1, presenta una vulnerabilidad de divulgación de información. • http://www.securityfocus.com/bid/53380 https://seclists.org/fulldisclosure/2012/May/19 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2343
https://notcve.org/view.php?id=CVE-2011-2343
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer. La pila del Bluetooth en Android versiones anteriores a 2.3.6, permite a un atacante físicamente próximo obtener información de contacto por medio de una transferencia de la agenda telefónica AT. • https://code.google.com/p/android/issues/detail?id=21347 https://deepsec.net/docs/Slides/2013/DeepSec_2013_Jaime_Sanchez_-_Building_The_First_Android_IDS_On_Network_Level.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 1CVE-2014-7224
https://notcve.org/view.php?id=CVE-2014-7224
A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code. Se presenta una vulnerabilidad de ejecución de código en Android versiones anteriores a 4.4.0, relacionada con el método addJavascriptInterface y los objetos accessibility y accessibilityTraversal, lo que podría permitir a un usuario malicioso remoto ejecutar código arbitrario. • http://www.openwall.com/lists/oss-security/2014/10/02/20 https://daoyuan14.github.io/news/newattackvector.html https://exchange.xforce.ibmcloud.com/vulnerabilities/96833 https://www.securityfocus.com/bid/70222 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-19273
https://notcve.org/view.php?id=CVE-2019-19273
On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265. En dispositivos móviles Samsung con versiones de software O(8.0) y P(9.0) y un chipset Exynos versión 8895, RKP (también se conoce como la implementación Samsung Hypervisor EL2) permite operaciones de escritura de memoria arbitrarias. El ID de Samsung es SVE-2019-16265. • https://census-labs.com/news/2020/10/08/samsung-hypervisor-rkp-arbitrary-zero-write https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2013-6792 – Google Android - Signature Verification Security Bypass
https://notcve.org/view.php?id=CVE-2013-6792
Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability Google Android versiones anteriores a 4.4, presenta una Vulnerabilidad de Omisión de Seguridad de Firma APK. • https://www.exploit-db.com/exploits/38821 http://www.securityfocus.com/bid/64529 •