CVSS: 10.0EPSS: 0%CPEs: 117EXPL: 2CVE-2013-6774 – Android 4.2.x Superuser Unsanitized Environment
https://notcve.org/view.php?id=CVE-2013-6774
14 Nov 2013 — Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an arbitrary .jar file and gain privileges via a crafted BOOTCLASSPATH environment variable for a /system/xbin/su process. NOTE: another researcher was unable to reproduce this with ChainsDD Superuser. Vulnerabilidad de ... • https://packetstorm.news/files/id/124015 •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 2CVE-2013-6768 – Android 4.2.x Superuser Unsanitized Environment
https://notcve.org/view.php?id=CVE-2013-6768
14 Nov 2013 — Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process. Vulnerabilidad de búsqueda de ruta no confiable en el paquete CyanogenMod/ClockWorkMod/Koush Superuser 1.0.2.1 para Android 4.2.x y anteriores permite a atacantes provocar el lanzamiento de un programa app_process caballo de troya a t... • https://packetstorm.news/files/id/124015 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2013-5324 – flash-plugin: multiple code execution flaws (APSB13-21)
https://notcve.org/view.php?id=CVE-2013-5324
11 Sep 2013 — Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-3363. Adobe Flash Player anterior a 11.... • http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2013-3361 – flash-plugin: multiple code execution flaws (APSB13-21)
https://notcve.org/view.php?id=CVE-2013-3361
11 Sep 2013 — Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3362, CVE-2013-3363, and CVE-2013-5324. Adobe Flash Player anterior a 11.... • http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2013-3362 – flash-plugin: multiple code execution flaws (APSB13-21)
https://notcve.org/view.php?id=CVE-2013-3362
11 Sep 2013 — Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3363, and CVE-2013-5324. Adobe Flash Player anterior a 11.... • http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2013-3363 – flash-plugin: multiple code execution flaws (APSB13-21)
https://notcve.org/view.php?id=CVE-2013-3363
11 Sep 2013 — Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-5324. Adobe Flash Player anteriores a 1... • http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 14%CPEs: 216EXPL: 0CVE-2013-3344 – flash-plugin: Multiple code execution flaws (APSB13-17)
https://notcve.org/view.php?id=CVE-2013-3344
10 Jul 2013 — Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de memoria dinámica en Adobe Flash Player anterior a 11.7.700.232 y 11.8.x anterior a 11.8.800.94 en Windows y Mac OS X, anterior a 11.2.202.297 en Linux, anterior a 11.1.111.64 en Android 2.x y... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00021.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 216EXPL: 0CVE-2013-3345 – flash-plugin: Multiple code execution flaws (APSB13-17)
https://notcve.org/view.php?id=CVE-2013-3345
10 Jul 2013 — Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player anterior a 11.7.700.232 y 11.8.x anterior a 11.8.800.94 en Windows y Mac OS X, anterior a 11.2.202.297 en Linux, anterior a 11.1.111.64 en Android 2.x y 3.x,anterior a 11.... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00021.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 216EXPL: 0CVE-2013-3347 – Adobe Flash Player Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3347
10 Jul 2013 — Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling. Desbordamiento de entero en Adobe Flash Player anterior a 11.7.700.232 y 11.8.x anterior a 11.8.800.94 en Windows y Mac OS X, anterior a 11.2.202.297 en Linux, anterior a 11.1.111.64 ... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00021.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 33EXPL: 1CVE-2013-4787 – Google Android - 'APK' code Remote Security Bypass
https://notcve.org/view.php?id=CVE-2013-4787
09 Jul 2013 — Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving multiple entries in a Zip file with the same name in which one entry is validated but the other entry is installed, aka Android security bug 8219321 and the "Master Key" vulnerability. Android v1.6 Donut hasta v4.2 Jelly ... • https://www.exploit-db.com/exploits/38627 • CWE-310: Cryptographic Issues •