126 matches found
CVE-2023-21089
CVE-2023-21089 affects Android 11–13 and arises from a flaw in ActivityManagerService.startInstrumentation that could keep a foreground service alive when the app is in the background. This enables local escalation of privilege without additional execution privileges, with no user interaction req...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
Path traversal
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
ASB-A-240267890
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-25363
An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files...
Improper access control
An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files...
CVE-2021-25363
An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files...
CVE-2021-25363
Summary: CVE-2021-25363 describes an improper access control in Samsung’s ActivityManagerService prior to the SMR APR-2021 Release 1, enabling untrusted applications to access running processes and delete local files. Affected scope (from provided sources): Samsung SMR (system patch package) prio...
CVE-2021-0327
In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-0321
In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2021-0321
In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2020-0412
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0412
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Information disclosure
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0412
CVE-2020-0412 affects Android where in setProcessMemoryTrimLevel of ActivityManagerService.java a missing permission check could allow local information disclosure of foreground processes without extra privileges. Affected Android versions include 8.0–11 (Android-8.0/8.1/9/10/11). The issue is cl...
ASB-A-160390416
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation...
Information disclosure
In getProcessPss of ActivityManagerService.java, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...
CVE-2020-0087
CVE-2020-0087 affects Android 10 (framework). The issue is in ActivityManagerService.getProcessPss, enabling a side-channel information disclosure with local access and requiring user interaction to exploit. The vulnerability’s impact is partial information disclosure (high confidentiality impact...
CVE-2020-0087
In getProcessPss of ActivityManagerService.java, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...