1085 matches found
Code injection
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Design/Logic Flaw
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Race condition
In phTmlNfcInit and phTmlNfcCleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
Design/Logic Flaw
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Design/Logic Flaw
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...
Design/Logic Flaw
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Memory corruption
In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...
Design/Logic Flaw
In jitmemoryregion.cc, there is a possible bypass of memory restrictions due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID:...
Design/Logic Flaw
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Code injection
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
Out-of-bounds
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
Code injection
In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interaction is not needed f...
CVE-2021-1036
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...
CVE-2021-1036
CVE-2021-1036 corresponds to an elevation-of-privilege vulnerability in Android’s LocationSettingsActivity via a tapjacking/overlay attack. Public records across NVD, Red Hat, CNVD and related sources confirm: affected products are Android 9–12 (and specifically AAOS references) with the vulnerab...
CVE-2021-39630
CVE-2021-39630 pertains to Android 12 and affects the OverlayManagerService’s executeRequest path. The issue describes a permissions bypass that could allow an attacker withadb shell access to control fabricated overlays, resulting in local elevation of privilege with no additional execution priv...
CVE-2021-39627
CVE-2021-39627 describes a permissions bypass in Android via an unsafe PendingIntent in LegacyModeSmsHandler.java (sendLegacyVoicemailNotification). Affected: Android 9–12 (Android-9, -10, -11, -12). Root cause: unsafe PendingIntent may allow elevation of privileges within a privileged process. I...
CVE-2021-39626
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-39626
CVE-2021-39626 affects Android devices (Android-9 to Android-12) via a permission bypass in ConnectedDeviceDashboardFragment.java (onAttach), enabling local privilege escalation in Bluetooth settings with no extra execution privileges or user interaction required. The NVD entry notes a high base ...
CVE-2021-39618
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
CVE-2021-0959
CVE-2021-0959 is a local elevation-of-privilege vulnerability in Android 12 affecting jit_memory_region.cc. The flaw enables bypassing memory restrictions due to a logic error, allowing a local attacker to gain higher privileges without user interaction. Exploitation is described as requiring loc...