5 matches found
Code injection
In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20450
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
Privilege escalation
In handleNfcStateChanged of SecureNfcEnabler.java, there is a possible way to enable NFC from the Guest account due to a missing permission check. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed...
Google Android 权限许可和访问控制问题漏洞
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android versions prior to 10, 11, and 12. The vulnerability stems from an incorrect programmatic call to an advanced local procedure. An attacker could use this...
Opera Browser 101112 - SVG Layout Memory Corruption (Metasploit)
Opera Browser 101112 - SVG Layout Memory Corruption Metasploit Exploit for Opera Browser 10/11/12 SVG layout Memory Corruption 0day Vulnerability: Discovered: 2010-10-13 Patched: 0day Tested on: v10.xx v10.50, v10.51, v10.52, v10.53, v10.54, v10.6, v10.61, v10.62 and v10.63 v11.xx v11.00, v11.01,...