credentials
Disclosure of all uploads via hardcoded api secret
WebView
Android security checklist: WebView
Insecure deeplinks
Account Takeover Via DeepLink
Sensitive Info
Sensitive information disclosure
RCE/ACE
Why dynamic code loading could be dangerous for your apps: a Google example
RCE/ACE
RCE in TinyCards for Android
RCE/ACE
Persistent arbitrary code execution in Android's Google Play Core Library
RCE/ACE
CVE-2020-8913: Persistent arbitrary code execution in Google Play Core library
RCE/ACE
TikTok: three persistent arbitrary code executions and one theft of arbitrary files
Memory corruption
Exploiting memory corruption vulnerabilities on Android
Cryptography
Use cryptography in mobile apps the right way
SQL Injection
SQL Injection in Content Provider
SQL Injection
Another SQL Injection in Content Provider
Session theft
Steal user session
Steal files
Android security checklist: theft of arbitrary files
Steal files
How to exploit insecure WebResourceResponse configurations
Steal files
Vulnerable to local file steal, Javascript injection, Open redirect
Steal files
Token leakage due to stolen files via unprotected Activity
Steal files
Steal files due to exported services
Steal files
Steal files due to unprotected exported Activity
Steal files
Steal files due to insecure data storage
Steal files
Insecure local data storage, makes it easy to steal files
Bypasses
Accidental $70k Google Pixel Lock Screen Bypass
Bypasses
Golden techniques to bypass host validations
Bypasses
Two-factor authentication bypass due to vuln endpoint
Bypasses
Another endpoint Auth bypass
Bypasses
Bypass PIN/Fingerprint lock
Bypasses
Bypass lock protection
Bypasses
Bypass of biometrics security functionality
XSS
HTML Injection in BatterySaveArticleRenderer WebView
XSS
XSS via SAMLAuthActivity
XSS
XSS in ImageViewerActivity
XSS
XSS via start ContentActivity
XSS
XSS on Owncloud webview
Privilege Escalation
20 Security Issues Found in Xiaomi Devices
Privilege Escalation
Discovering vendor-specific vulnerabilities in Android
Permissions
Common mistakes when using permissions in Android
Privilege Escalation
Two weeks of securing Samsung devices: Part 2
Privilege Escalation
Two weeks of securing Samsung devices: Part 1
Intent Spoofing
Intent Spoofing
Content Provider
Access of some not exported content providers
Intent Spoofing
Access protected components via intent
Fragment Injection
Fragment injection
JS Injection
Javascript injection
CSRF
Deeplink leads to CSRF in follow action
Account Collision
overwrite account associated with email via android application
Broadcasts
Possible to intercept broadcasts about file uploads
Broadcasts
Vulnerable exported broadcast reciever
Info Disclosure
View every network request response's information
Content Provider
Content Provider Local File Inclusion
