Google Android Resource Management Error Vulnerability (CNVD-2024-13566)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability, and no details of the vulnerability are available at this time...

Pixel Update Bulletin—January 2023Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2023-01-05 or later address all issues in this bulletin and all issues in the January 2023 Android...

CVE-2021-0922

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACTACROSSPROFILES permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

Design/Logic Flaw

In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-1976479...

CVE-2021-1019

CVE-2021-1019 affects Android 12 where in snoozeNotification() of NotificationListenerService.java a permission confusion arises from a misleading user consent dialog. This enables local elevation of privilege with user interaction required for exploitation. The NVD notes a base CVSSv3.1 score of...

CVE-2021-39651

In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-0982

CVE-2021-0982 affects Android 12 and is due to a missing permission check in getOrganizationNameForUser within DevicePolicyManagerService.java, leading to local information disclosure without requiring user interaction. The vulnerability enables disclosure of organization name information with lo...

CVE-2021-0997

CVE-2021-0997 affects Android 12; the issue is in GnssNetworkConnectivityHandler.java (handleUpdateNetworkState) where a log information disclosure enables local information disclosure with no extra privileges and without user interaction. Exploitation requires local access; impact is confidentia...

CVE-2021-1014

CVE-2021-1014 affects Android 12 via the getNetworkTypeForSubscriber path in PhoneInterfaceManager.java. The vulnerability arises from a side-channel that lets a local attacker determine whether an app is installed without query permissions, enabling local information disclosure without additiona...

CVE-2021-1032

CVE-2021-1032 affects Android 12 and is tied to getMimeGroup in PackageManagerService.java. The issue enables a side-channel disclosure that can reveal whether an app is installed without any query permissions, constituting a local information disclosure. Exploitation requires no user interaction...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from the US company Google. Google Android has an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android 11 has a security vulnerability that stems from a security flaw in the system's Pixel Bootloader...

Google Android 信息泄露漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android has an information disclosure vulnerability that can be exploited by attackers to cause local information disclosure without additional execution privileges...

Pixel Update Bulletin—December 2021Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2021-12-05 or later address all issues in this bulletin and all issues in the December 2021 Android...

CVE-2021-23162

The CVE-2021-23162 entry applies to Gallagher Command Centre Mobile Connect for Android, affecting versions before 15.04.040 and version 14 and earlier. The root cause is improper validation of the cloud certificate chain, enabling a man-in-the-middle attack to impersonate the legitimate Command ...

CVE-2021-43189

In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete...

Google Android 安全漏洞

Google Pixel is a smartphone from the U.S. company Google Google. Android Pixel has a security vulnerability, and no details of the vulnerability are currently available...

Google Android 安全漏洞

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA for short. an elevation of privilege vulnerability exists in the Framework component of Google Android version 11. No detailed vulnerability details are available...

Pixel Update Bulletin—November 2021Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2021-11-05 or later address all issues in this bulletin and all issues in the November 2021 Android...

This New Android Malware Can Gain Root Access to Your Smartphones

An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. The malware has been named "AbstractEmu" owing to its use of code...