Lucene search
K

241 matches found

RedhatCVE
RedhatCVE
added 2026/03/04 1:56 a.m.4 views

CVE-2024-31328

In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...

8.8CVSS6.2AI score0.00115EPSS
Exploits0References1
NVD
NVD
added 2026/03/02 7:16 p.m.6 views

CVE-2024-31328

In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...

8.8CVSS0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.6 views

CVE-2023-40079

In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.6 views

CVE-2023-40116

In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.9AI score0.00102EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.8 views

CVE-2023-40109

In createFromParcel of UsbConfiguration.java, there is a possible background activity launch BAL due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7.1AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.7 views

CVE-2023-40095

In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00126EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/10 12:0 a.m.6 views

Google Android Privilege Bypass Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a privilege bypass vulnerability that can be exploited by an attacker to cause activities to be launched from the background and local elevation of privilege...

7.8CVSS6.5AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 5:27 p.m.5 views

CVE-2025-22432

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.8AI score0.00097EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/08 6:30 p.m.5 views

EUVD-2025-201787

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.3AI score0.00097EPSS
Exploits0References3
NVD
NVD
added 2025/12/08 5:16 p.m.10 views

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00079EPSS
Exploits0References2
OSV
OSV
added 2025/12/08 5:16 p.m.6 views

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00079EPSS
Exploits0References2
NVD
NVD
added 2025/12/08 5:16 p.m.7 views

CVE-2025-48572

In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/08 4:57 p.m.23 views

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

0.00079EPSS
Exploits0References2
CVE
CVE
added 2025/12/08 4:57 p.m.21 views

CVE-2025-48627

CVE-2025-48627 affects the Android Framework, specifically the startNextMatchingActivity path in ActivityTaskManagerService.java. The issue is a logic error that can allow launching an activity from the background, resulting in local escalation of privilege without additional execution privileges...

7.8CVSS6.5AI score0.00079EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/08 4:57 p.m.28 views

CVE-2025-48572

In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00232EPSS
Exploits0References2
CVE
CVE
added 2025/12/08 4:57 p.m.106 views

CVE-2025-48572

CVE-2025-48572 is an Android Framework privilege-escalation vulnerability. It stems from improper input validation in the Framework component, allowing a local application to launch activities from background and execute arbitrary code with elevated privileges. Affected products are Android devic...

7.8CVSS6.5AI score0.00232EPSS
In wildExploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/08 4:56 p.m.4 views

CVE-2025-22432

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.4AI score0.00097EPSS
Exploits0References2
CVE
CVE
added 2025/12/08 4:56 p.m.54 views

CVE-2025-22432

CVE-2025-22432 affects the Android Framework (CallRedirectionProcessor.java). The root cause is improper input validation in notifyTimeout, which may create a persistent connection and enable local escalation of privilege, triggering background activity launches with User privileges and no user i...

6.7CVSS6.4AI score0.00097EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.5 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from improper input validation, which could lead to local elevation of privilege and background activity initiation...

6.7CVSS6.2AI score0.00097EPSS
Exploits0References4
OSV
OSV
added 2025/12/01 12:0 a.m.24 views

ASB-A-376461726

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.7AI score0.00097EPSS
Exploits0References2
Rows per page
Query Builder