| CARVIEW |
Select Language
HTTP/2 301
date: Mon, 28 Jul 2025 21:43:18 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
location: https://github.com/AndroidVTS/android-vts/releases
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
set-cookie: _gh_sess=AGBYQAQ96OMmik9qUd0nAjV81BG%2B3prkRanYNiqWJeVFv1rASTxlUseO5x1LJY%2F6GO%2B79KMpKZl4Q%2B5j9it4TupRTK17sE%2FBXx2d17qoLRblJ5Q8i%2BN6buuAytodvNYOfh%2FcfcirrxycsPgnyKrJ44uUzFoAmi1WZci3Gwp02dOz83v%2BC0Xe2DFdFCh9xODBpu20Zu7pCgllJRiO9EwFBIFcH0a0dN%2FoD58vWBIzuuV5zWcmSzM8VWW08%2BBEJ%2BaAXo9kWdmQxUtVyY957GDLpA%3D%3D--z9XdOwRzHcbvXX7u--3oXEqaohsbhkHultaOV%2BLQ%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.501246431.1753738998; Path=/; Domain=github.com; Expires=Tue, 28 Jul 2026 21:43:18 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Tue, 28 Jul 2026 21:43:18 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: EC06:244FAD:D02EA:11FF38:6887EEF6
HTTP/2 200
date: Mon, 28 Jul 2025 21:43:19 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
etag: W/"42be81baef547491b2797baa3405c516"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: EC06:244FAD:D02FB:11FF4E:6887EEF6
Releases · AndroidVTS/android-vts · GitHub
15 Dec 15:04
Loading
30 Nov 23:57
Loading
25 Nov 21:01
Loading
18 Nov 17:34
Loading
14 Nov 19:45
Loading
10 Nov 19:04
Loading
10 Nov 18:03
Loading
06 Nov 17:35
Loading
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 271
Releases: AndroidVTS/android-vts
Releases · AndroidVTS/android-vts
AndroidVTS v.13
Compare
- Prioritize vulnerables which were positive on the device
- Add intro/welcome screens
- Add a test for CVE-2015-6616 from the December sec bulletin
Assets 3
AndroidVTS v.12
Compare
Add a dialog after scan to denote whether the device is vulnerable or not
Bubble vulnerable items to the top of the list
Assets 3
AndroidVTS v.11
Compare
- Sort vulnerabilities by date of CVE descending
- Enable WeakSauce check
- Fix crashes with x509 serialization check on devices < Kitkat
- Add check for CVE-2015-1528
- Fix some UI state bugs
- Small grammar fixes
Assets 3
AndroidVTS v.9
Compare
- Fixes coloring issue(s) with failed/inconclusive tests
- Adds new check for CVE-2015-6608
- Fixes race condition related to running some stagefright checks
- In the additional info, links to patches are shown instead of duped external links
- Added the ability to (optionally, explicitly, and anonymously) share results to a publicly available Google spreadsheet
Assets 3
AndroidVTS v.6
Compare
Added descriptions to each vulnerability
Fixed some issues running on ARM64
Changed the vulnerability status to be yellow in the case of a failed test
Assets 3
AndroidVTS v.5
Compare
This should fix issues with the serialization bug accidentally decrementing the wrong address:
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'Verizon/zerofltevzw/zerofltevzw:5.0.2/LRX22G/G920VVRU1AOC3:user/release-keys'
Revision: '10'
ABI: 'arm'
pid: 16731, tid: 16741, name: FinalizerDaemon >>> com.nowsecure.android.vts <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x135f
r0 0000135f r1 f7296914 r2 00001337 r3 f72770f0
r4 0000135f r5 f7296904 r6 00000000 r7 00000000
r8 00000002 r9 f729f78c sl f729f7b4 fp 00000014
ip ed71a928 sp f4bbfa08 lr f71c2683 pc f71c2686 cpsr 00070030
backtrace:
#00 pc 00058686 /system/lib/libcrypto.so (asn1_enc_free+11)
#01 pc 000573d1 /system/lib/libcrypto.so
#02 pc 000574a9 /system/lib/libcrypto.so (ASN1_template_free+74)
#03 pc 00057417 /system/lib/libcrypto.so
#04 pc 0005744f /system/lib/libcrypto.so (ASN1_item_free+12)
#05 pc 000174d1 /system/framework/arm/boot.oat
Assets 3
AndroidVTS v.4
Compare
Added the ability to execute vulns only on particular architectures.
Assets 3
AndroidVTS v.3
Compare
This update includes a new material design.
Assets 3
You can’t perform that action at this time.