CVE-2023-45777

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

CVE-2021-0572

In doNotification of AccountManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android...

EUVD-2023-25266

Malicious code in bioql PyPI...

EUVD-2023-39669

Malicious code in bioql PyPI...

EUVD-2021-3191

Malicious code in bioql PyPI...

Google Android Denial of Service Vulnerability (CNVD-2025-26881)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android due to a resource exhaustion flaw in multiple functions in AccountManagerService.java. An attacker can exploit this vulnerability to cause a denial of service...

CVE-2025-48545

In isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This could lead to local privilege escalation with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android due to a resource exhaustion flaw in multiple functions in AccountManagerService.java. An attacker can exploit this vulnerability to cause a denial of service...

ASB-A-397438392

In isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This could lead to local privilege escalation with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0086

In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by a lack of permission checking in Result of AccountManagerService.java. An attacker can exploit this vulnerability to obtain sensitive information...

Google Android elevation of privilege vulnerability (CNVD-2025-12378)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a competitive condition flaw in multiple functions in AccountManagerService.java, which can be exploited by an attacker to gain elevated privileges ...

PT-2025-11063 · Google · Android

Name of the Vulnerable Software and Affected Versions: AccountManagerService affected versions not specified Description: A flaw exists in the onResult function of AccountManagerService.java due to a missing permission check. This could allow overwriting of an authentication token, potentially...

ASB-A-366401629

In isSafeIntent of AccountManagerService.java, there is a possible way to bypass an intent type check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40676

In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2024-40676

CVE-2024-40676 affects Google Android. The issue lies in checkKeyIntent of AccountManagerService.java, which can bypass the intent security check and allow installing an unknown app due to a confused deputy. This enables local elevation of privilege without requiring execution privileges or user ...

CVE-2024-40676

In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Google Android 安全漏洞

Google Android is a free and open source mobile operating system developed by Google Inc. based on the Linux kernel. Google Android suffers from an elevation of privilege vulnerability that stems from an obfuscated sub-sub-sub-sub-sub-sub-sub issue in the checkKeyIntent function of...

CVE-2024-49724

In multiple functions of AccountManagerService.java, there is a possible way to bypass permissions and launch protected activities due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2024-49744

In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio...