Android漏洞信息库
(608项)
  608条漏洞信息;   846条到OVAL定义的映射;  330条到CWE定义的映射  
80条原生漏洞;  23条框架层漏洞;  24条内核层漏洞  
  19条Native层漏洞;  341条应用层漏洞;  13条原生应用层漏洞  
  328条第三方应用漏洞;  179条第三方组件漏洞;  22条第三方系统漏洞  

最近发布的OSVDB条目More

OSVDB/103143
2014-02-09
Android File Manager for Android (com.smartwho.SmartFileManager) contains a flaw that allows traversing outside of a restricted path. The issue is due to the program not properly sanitizing user input...
OSVDB/103153
2014-02-08
Next Browser for Android (com.jiubang.browser) contains a flaw that is due to the application failing to enforce restrictions on browsing history directories. With a specially crafted application, a l...
OSVDB/103119
2014-02-08
Snapchat contains a flaw that is due to the program failing to terminate tokens for messages, which may allow them to be reused. This may allow a remote attacker to crash a user's device by floodi...
OSVDB/102870
2014-02-04
Mozilla Firefox contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends a direct request for the system log, which discloses the so...
OSVDB/102965
2014-01-31
Opera contains a flaw in the intent: protocol that is due to the program failing to restrict access to the contents of local data files. This may allow a local attacker to gain access to potentially s...
OSVDB/102559
2014-01-24
Citrix GoToMeeting for Android contains a flaw related to logging output that is triggered when handling HTTP requests. This can result in potentially sensitive UserID, meeting details, and authentica...
OSVDB/102456
2014-01-24
Simple Zip Viewer (SimZip) for Android contains a flaw that allows traversing outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically path traver...
OSVDB/102796
2014-01-24
Apache Cordova and PhoneGap contain a flaw that is due to the URL interception ignoring iframe and XMLHttpRequest URLs. With a specially crafted script inside an iframe, a context-dependent attacker t...

最近修订的OSVDB条目More

OSVDB/97019
2013-09-10 00:41:06
Multiple Code Aurora Forum products contain a flaw in the CONFIG_STRICT_MEMORY_RWX feature. The issue is due to the program setting insecure permission for the aforementioned feature. This may allow a...
OSVDB/96924
2013-09-06 18:29:44
Gemini JPEG encoder, Mercury JPEG decoder, and Jpeg1.0 common encoder/decoder contain an unspecified integer overflow condition during the handling of hardware command IOCTL calls that may allow a loc...
OSVDB/96923
2013-09-06 18:26:49
Gemini JPEG encoder, Mercury JPEG decoder, and Jpeg1.0 common encoder/decoder contain an unspecified flaw related to incorrectly treating the number of hardware commands as signed. No further details ...
OSVDB/102965
2014-02-07 13:10:08
Opera contains a flaw in the intent: protocol that is due to the program failing to restrict access to the contents of local data files. This may allow a local attacker to gain access to potentially s...
OSVDB/102870
2014-02-11 00:27:33
Mozilla Firefox contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends a direct request for the system log, which discloses the so...

CVSS基础分值

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站