| 518 | Reversing UK mobile rail tickets |
Reverse engineering
Android |
NA |
Zeeshan Mustafa (@by6153) |
Bug Bounty | 2023-01-31 | 2023-06-13 |
| 434 | Found an URL in the android application source code which lead to an IDOR |
Android
Information disclosure
IDOR |
NA |
Vengeance |
Bug Bounty | 2023-02-18 | 2023-06-13 |
| 409 | The code that wasn’t there: Reading memory on an Android device by accident |
Kernel hacking
Android
Memory leak
Memory corruption |
Qualcomm |
Man Yue Mo (@mmolgtm) |
Bug Bounty | 2023-02-23 | 2023-06-13 |
| 348 | Protecting Android clipboard content from unintended exposure |
Android |
SHEIN |
Microsoft 365 Defender Research Team |
Bug Bounty | 2023-03-06 | 2023-06-13 |
| 320 | Improper Authentication in Android App |
Logic flaw
Authentication flaw
HTTP response manipulation |
NA |
oXnoOneXo |
Bug Bounty | 2023-03-10 | 2023-06-13 |
| 311 | How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw |
Insecure deeplink
Android
Account takeover |
NA |
Crisdeo Nuel Siahaan |
Bug Bounty | 2023-03-13 | 2023-06-13 |
| 283 | Exploiting aCropalypse: Recovering Truncated PNGs |
Privacy issue
Information disclosure
Android |
Google |
David Buchanan (@David3141593) |
Bug Bounty | 2023-03-18 | 2023-06-13 |
| 257 | Attacking Android Antivirus Applications |
Android
Improper Export of Android Application Components |
McAfee |
2Dai (@mabenz68) |
Bug Bounty | 2023-03-29 | 2023-06-13 |
| 247 | How to avoid the aCropalypse |
Privacy issue
Information disclosure
Android |
Google
Microsoft |
Henrik Brodin |
Bug Bounty | 2023-03-30 | 2023-06-13 |
| 216 | Steal authentication token with one-click on misconfigured WebView. |
Android
Webview
Account takeover |
NA |
Kerolos A. Saber (@0xWise) |
Bug Bounty | 2023-04-08 | 2023-06-13 |
| 173 | The Fuzzing Guide to the Galaxy: An Attempt with Android System Services |
Android
Fuzzing
Heap overflow
Integer overflow
Out-of-bounds Write
Memory corruption
Local Privilege Escalation |
Samsung |
Anthony Remy |
Bug Bounty | 2023-04-20 | 2023-06-13 |
| 107 | Testing a new encrypted messaging app%27s extraordinary claims |
Android
Firebase
Cryptographic issues
Privacy issue
Information disclosure |
Converso |
Crnković |
Bug Bounty | 2023-05-10 | 2023-06-13 |
| 102 | Hacking Chess.com: My Journey to Unlock Premium Bots on the Android App |
Android
Privilege Escalation |
Chess.com |
Fr4 (@_icebre4ker_) |
Bug Bounty | 2023-05-10 | 2023-06-13 |
| 67 | 2FA Bypass Using Custom Cookie Parameter |
MFA bypass
Android |
NA |
Sharat Kaikolamthuruthil (@sharp488) |
Bug Bounty | 2023-05-22 | 2023-06-13 |
