CVE-2022-20394

In getInputMethodWindowVisibleHeight of InputMethodManagerService.java, there is a possible way to determine when another app is showing an IME due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android versions 10, 11, and 12, which stems from an eavesdropping/overwriting attack in onCreate of MasterClearConfirmFragment.java, which may restore factory settings and cause a...

PT-2023-12638 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 10 through 12 Description: The issue concerns a tapjacking attack vulnerability in the In Car Settings app, specifically with the toggle button in Modify system settings. This allows attackers to overlay the toggle button,...

PT-2022-14694 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: The issue is related to the setEnabledSetting function in PackageManager.java, which can cause the device to enter an infinite reboot loop due to resource exhaustion. This can lead ...

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in UNISOC chipsets SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820, S8000, which originates from a lack of privilege checking in t...

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in UNISOC chipsets SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820, S8000, which originates from a lack of privilege checking in t...

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Unisoc Corporation. A security vulnerability exists in UNISOC chipset due to a lack of privilege checking in the gallery service, which could be exploited by an attacker to cause a local denial of service, and the following products and...

PT-2022-14587 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: The issue is related to a missing permission check in the setChecked method of SecureNfcPreferenceController.java. This could lead to local escalation of privilege from the guest us...

MediaTek多款产品安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in MediaTek, which can be exploited by attackers to cause an escalation of privileges. The following products and versions are affected: chips, MT6731, MT6732, MT6735, MT6737, MT6739,...