65 matches found
Improper access control
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
CVE-2022-36865
Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to access device information...
CVE-2022-36866
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
CVE-2022-36866
The CVE-2022-36866 issue affects Samsung’s Broadcaster in Group Sharing prior to versions 13.0.6.15 (Android S 12) and 13.0.6.14 (Android R 11). Root cause: improper access control in Broadcaster allows attackers to identify the device. Affected products and versions are documented in multiple so...
PT-2022-23670 · Google · Android
Name of the Vulnerable Software and Affected Versions: Broadcaster in Group Sharing versions prior to 13.0.6.15 in Android S12 Broadcaster in Group Sharing versions prior to 13.0.6.14 in Android R11 and below Description: The issue is related to improper access control, allowing attackers to...
CVE-2022-27837
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R11.0 and 13.0.1.1 in Android S12.0 allows attacker to access the file with system privilege...
CVE-2022-27837
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R11.0 and 13.0.1.1 in Android S12.0 allows attacker to access the file with system privilege...
Privilege escalation
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R11.0 and 13.0.1.1 in Android S12.0 allows attacker to access the file with system privilege...
CVE-2022-23998
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R11, 10.5.03.77 in Android Q10 and 9.0.6.68 in Android P9 allows untrusted applications to take a picture in screenlock status...
CVE-2022-23433
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...
CVE-2022-23434
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S12, 3.7.50.6 in Andorid R11 and below allows attackers to execute privileged action by hijacking and modifying the intent...
Improper access control
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R11, 10.5.03.77 in Android Q10 and 9.0.6.68 in Android P9 allows untrusted applications to take a picture in screenlock status...
Improper access control
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S12, 12.2.05.6000 in Android R11 and 11.6.08.6000 in Andoid Q10 allows attackers to register reminders or execute exporeted activities remotely...
Information disclosure
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S12, 3.7.50.6 in Andorid R11 and below allows attackers to execute privileged action by hijacking and modifying the intent...
CVE-2022-23998
The CVE-2022-23998 entry documents an improper access control vulnerability in the Camera app on Android devices (pre-11.1.02.16 for Android R, pre-10.5.03.77 for Android Q, pre-9.0.6.68 for Android P). The issue allows untrusted applications to capture a photo while the device is screen-locked. ...
CVE-2022-23434
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S12, 3.7.50.6 in Andorid R11 and below allows attackers to execute privileged action by hijacking and modifying the intent...
CVE-2022-23434
The CVE-2022-23434 issue affects Samsung Bixby Vision prior to versions 3.7.60.8 (Android S/12) and 3.7.50.6 (Android R/11 and older). The root cause is improper use of PendingIntent, allowing an attacker to hijack and modify the intent to trigger a privileged action. The available sources descri...
ASB-A-197399948
In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Information disclosure
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R11.0 and 2.6.30.5 in Android Q10.0 allows attackers to execute privileged action by hijacking and modifying the intent...
Information disclosure
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R11.0 and 12.3.02.1000 in Android S12.0 allows attackers to execute privileged action by hijacking and modifying the intent...