44 matches found
CVE-2023-21266
In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
UBUNTU-CVE-2023-21266
In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-18047 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a permissions bypass in the killBackgroundProcesses function of ActivityManagerService.java, which could allow escaping Google Play protection. This might lead to...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates from a messy proxy in the openContentUri module of ActivityManagerService.java, which can be exploited by an attacker to obtain sensitive...
CVE-2023-21131
In checkKeyIntentParceledCorrectly of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution...
PT-2023-17923 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A logic error in the checkKeyIntentParceledCorrectly function of ActivityManagerService.java can lead to a bypass of Parcel Mismatch mitigations. This issue could result in local...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a privilege bypass in registerReceiverWithFeature of ActivityManagerService.java. An attacker can exploit the vulnerability to elevate...
PT-2023-17909 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a permissions bypass in the registerReceiverWithFeature method of ActivityManagerService.java. This could allow isolated processes to register a broadcast receiver, potentially...
CVE-2023-21496
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level...
PT-2023-18250 · Unknown · Activitymanagerservice
Name of the Vulnerable Software and Affected Versions: ActivityManagerService versions prior to SMR May-2023 Release 1 Description: The issue allows an attacker to utilize a debug function by setting the debug level, potentially exploiting the Active Debug Code vulnerability in...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability in SAMSUNG Mobile devices SMR May-2023 Release 1 previously existed in ActivityManagerService that allowed an attacker to use...
CVE-2021-25363
An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files...
CVE-2021-0327
In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0321
In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2020-0412
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0087
In getProcessPss of ActivityManagerService.java, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...
Design/Logic Flaw
In the Activity Manager service, there is a possible permission bypass due to incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android I...
CVE-2019-9378
CVE-2019-9378 affects Android 10 in the Framework/Activity Manager area, where a permission check weakness allows local elevation of privileges without user interaction. The issue enables a bypass of access controls to gain higher privileges on the device, with Local attack vector and no authenti...
CVE-2019-2121
In ActivityManagerService.attachApplication of ActivityManagerService, there is a possible race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Andro...
The vulnerability of the `checkGrantUriPermissionLocked` function in the Android operating system’s Framework component, which allows a hacker to escalate their privileges
The vulnerability of the checkGrantUriPermissionLocked function in the ActivityManagerService.java file of the Android operating system’s framework is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to increase their privileges through a...