Security
Headlines
HeadlinesLatestCVEs

Tag

#android

CVE-2021-0696: Android Security Bulletin—October 2022  |  Android Open Source Project

In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242344778

CVE
Open in Source
#vulnerability#android#google#dos#rce#nokia#samsung#huawei
CVE-2022-20429: Android Automotive OS Update Bulletin—October 2022  |  Android Open Source Project

In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220741473

Google’s Pixel 7 and Pixel 7 Pro Pack New Android VPN and Tensor G2, Titan M2 Chips

The company says it hardened the security of its new flagship phones—and plans to release a built-in Android VPN.

CVE-2022-38388: Security Bulletin: IBM Navigator Mobile Android app is vulnerable due to improper access control (CVE-2022-38388)

IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access control. IBM X-Force ID: 233968.

A week in security (October 3 – 9)

Categories: News Tags: romance scammer Tags: android vulnerabilities Tags: SQL servers Tags: Data Access Agreement Tags: bogus job offers Tags: Kim Kardashian Tags: TikTok Tags: smishing Tags: ransomware review Tags: BitBucket The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (October 3 – 9) appeared first on Malwarebytes Labs.

Apple Safari Safest, Google Chrome Riskiest Browser of 2022- Study

By Waqas According to researchers, Google Chrome, Mozilla Firefox, and Microsoft Edge browser contained the most vulnerabilities in 2022. This is a post from HackRead.com Read the original post: Apple Safari Safest, Google Chrome Riskiest Browser of 2022- Study

Binance Hackers Minted $569M in Crypto—Then It Got Complicated

Plus: The US warns of a mysterious military contractor breach, a "poisoned" version of the Tor Browser is tracking Chinese users, and more.

CVE-2022-32593: October 2022

In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138493; Issue ID: ALPS07138493.

Meta accuses apps of stealing WhatsApp accounts

Categories: News Tags: Meta Tags: WhatsApp Tags: apps Tags: mobile Tags: android Tags: device Tags: account Tags: credentials Tags: spam Meta is suing developers for multiple credential-stealing apps found on Google Play and elsewhere. (Read more...) The post Meta accuses apps of stealing WhatsApp accounts appeared first on Malwarebytes Labs.

Meta Flags Malicious Android, iOS Apps Affecting 1M Facebook Users

Some 400 mobile apps have posed as legitimate software on Google Play and the Apple App Store over the past year, and were designed to steal Facebook user credentials.