EUVD-2026-33768

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0018

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0018

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-449392803

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-31322

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

PT-2024-23968 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to improper input validation in the updateServicesLocked method of AccessibilityManagerService.java. This could allow an app to be hidden from settings while retaining...

CVE-2024-0038

In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android, which stems from a lack of permission checking in the injectInputEventToInputFilter method of the AccessibilityManagerService.java file, which cou...

PT-2024-15313 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a missing permission check in the injectInputEventToInputFilter function of AccessibilityManagerService.java. This could lead to arbitrary input event injection,...

PT-2023-17712 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A logic error in the code of AccessibilityManagerService.java allows for the automatic granting of accessibility services, potentially leading to local escalation of privilege withou...

CVE-2023-20921

In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

PT-2022-14708 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A logic error in the code of AccessibilityManager.java, specifically in the getEnabledAccessibilityServiceList function, allows for a possible way to hide an accessibility service...

CVE-2003-0350

CVE-2003-0350 affects Windows 2000’s Accessibility Utility Manager (ListView). The vulnerability arises from improper handling of Windows messages in the ListView control, enabling a local attacker to cause arbitrary code execution via a malicious Shatter-style message that references a user-cont...