| Samsung Flow - Any App Can Read The External Storage |
|
|
|
| Samsung Galaxy - Any App Can Install Any App In The Galaxy App Store |
|
|
|
| Write Up – Finapi (Open Banking API) Oauth Credentials Exposed In Plain Text In Android App |
|
|
|
| When Equal is Not, Another WebView Takeover Story |
|
|
|
| Facebook android vulnerability: Launching internal/tighten deeplink onbehalf of user |
|
|
|
| Write Up – Android Application Screen Lock Bypass Via ADB Brute Forcing |
|
|
|
| Abusing Facebooks `Call To Action` To Launch Internal Deeplinks |
|
|
|
| Facebook room deep linking vulnerability, allow malicious user to know the code for anyone’s meeting. |
|
|
|
| Write Up – Private Bug Bounty: Firebase Database Exposed By Misconfiguration – $2,000 USD |
|
|
|
| RCE In Adobe Acrobat Reader For Android(CVE-2021-40724) |
|
|
|
| Xiaomi Execute Arbitrary JavaScript |
|
|
|
| Facebook android webview vulnerability : Execute arbitrary javascript (xss) and load arbitrary website |
|
|
|
| Bypass video capture limit on Ray-Ban Stories |
|
|
|
| Tagged User Could Delete Facebook Story |
|
|
|
| Exploiting Request forgery on Mobile Applications. |
|
|
|
| How I Hacked Billion Android Users Social And 3rd Party Account | A Story About 5000$ Bug |
|
|
|
| Multiple bugs allowed malicious Android Applications to takeover Facebook/Workplace accounts |
|
|
|
| Bypass of biometrics & password security functionality for Android |
|
|
|
| Two weeks of securing Samsung devices: Part 2 |
|
|
|
| Size Matters — CVE-2021–0485 (High) |
|
|
|
| Hacking Xiaomi'S Android Apps - Part 1 |
|
|
|
| Gaining access to protected components |
|
|
|
| Why dynamic code loading could be dangerous for your apps: a Google example |
|
|
|
| Two weeks of securing Samsung devices: Part 1 |
|
|
|
| Android: Exploring vulnerabilities in WebResourceResponse |
|
|
|
writeups.xyz
/
Android