CVE-2023-40135 - How a Confused Deputy Bug in SaveUi.java Lets Anyone Peek at Your Images
A vulnerability called CVE-2023-40135 might sound like just another jumble of numbers and letters in Android’s long list of flaws. But if you care
CVE-2023-40129 - Heap Buffer Overflow in build_read_multi_rsp of gatt_sr.cc Exploited Remotely
Bluetooth is woven into our everyday devices—from smartphones to wireless headphones, it’s everywhere. However, lurking beneath the convenience are security risks. One particularly
CVE-2023-40123 - How a Confused Deputy in PipMenuView Leaked Protected Information on Android
In August 2023, a vulnerability was identified in the Android Open Source Project (AOSP) that could allow a local information disclosure between users on the
CVE-2023-40125 - How a Guest User Can Change Android APN Settings (Permission Bypass Exploit)
In September 2023, a new vulnerability surfaced in Android concerning the APN (Access Point Name) settings editor—a core part of Android’s settings that
CVE-2023-40116 - Bypassing Android’s Background Activity Launch Restrictions via PipTaskOrganizer.java
In this write-up, we’ll dig deep into CVE-2023-40116 — a vulnerability that slipped into Android’s PipTaskOrganizer.java, letting apps sneak past the system’s
Episode
00:00:00
00:00:00