Lucene search
K

769 matches found

CNNVD
CNNVD
added 2023/01/26 12:0 a.m.4 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android versions 10, 11 and 12, which originates from an eavesdropping/overwriting attack in ApplicationsDetailsActivity of AndroidManifest.xml, which cou...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.3 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android versions 10, 11, and 12, which stems from an eavesdropping/overwriting attack in onCreate of MasterClearConfirmFragment.java, which may restore factory settings and cause a...

5.5CVSS6.4AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-12638 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 10 through 12 Description: The issue concerns a tapjacking attack vulnerability in the In Car Settings app, specifically with the toggle button in Modify system settings. This allows attackers to overlay the toggle button,...

4.7CVSS5AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.5 views

PT-2023-12652 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible failure to persist permissions settings due to resource exhaustion in multiple functions of AutomaticZenRule.java. This could lead to local...

7.8CVSS6.7AI score0.00269EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.6 views

PT-2023-17705 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A logic error in the code of PhoneAccountRegistrar.java allows for a possible way to enable a phone account without user interaction. This could lead to local escalation of privilege...

7.8CVSS7.6AI score0.00142EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-12654 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to improper input validation in Condition.java, which could allow for local escalation of privilege without needing additional execution privileges. User...

7.8CVSS7.5AI score0.00218EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.4 views

PT-2023-12637 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12 Description: The issue is related to a tapjacking/overlay attack in the ApplicationsDetailsActivity of AndroidManifest.xml, which could lead to a local denial of service. This attack requires use...

5.5CVSS5.3AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.6 views

PT-2023-17695 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 Description: The issue is related to a possible out of bounds write in the Mfc Transceive function of phNxpExtns MifareStd.cpp. This could lead to local escalation of privilege with no additional execution privileg...

7.8CVSS7.6AI score0.00136EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2023/01/19 7:47 p.m.5 views

Exploit for CVE-2019-16253

K0mraid3s-System-Shell Way back in 2019, a vulnerability that...

7.8CVSS7.5AI score0.01192EPSS
Exploits2
OSV
OSV
added 2022/12/13 4:15 p.m.3 views

CVE-2022-20483

In several functions that parse avrc response in avrcparsct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.6 views

CVE-2022-20486

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.7 views

CVE-2022-20495

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.4 views

CVE-2022-20491

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.4 views

CVE-2022-20480

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.5 views

CVE-2022-20470

In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.3 views

CVE-2022-20411

In avdtmsgasmbl of avdtmsg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

8.8CVSS6.3AI score0.01868EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.4 views

CVE-2021-0934

In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

5.5CVSS5.9AI score0.00092EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.1 views

UBUNTU-CVE-2022-20486

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References3
OSV
OSV
added 2022/12/13 4:15 p.m.5 views

UBUNTU-CVE-2022-20487

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.2AI score0.00119EPSS
Exploits0References3
OSV
OSV
added 2022/12/13 4:15 p.m.1 views

UBUNTU-CVE-2022-20474

In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.2AI score0.00242EPSS
Exploits1References3
Rows per page
Query Builder