35 matches found
EUVD-2021-25983
Malware in sbrugna...
EUVD-2022-25607
Malicious code in bioql PyPI...
EUVD-2023-25114
Malicious code in bioql PyPI...
EUVD-2022-25689
Malicious code in bioql PyPI...
CVE-2023-20946
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20347
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20429
In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-...
CVE-2021-39626
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20946
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
PT-2023-17735 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a possible permission bypass due to a confused deputy in the onStart of BluetoothSwitchPreferenceController.java. This could lead to remote escalation of...
CVE-2023-20946
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20946
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Google Android elevation of privilege vulnerability (CNVD-2022-81237)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that stems from proxy obfuscation in the CarSettings of the application package, which can be exploited by an attacker to cause an elevation of privilege i...
CVE-2022-20429
In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-...
CVE-2022-20429
In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-...
CVE-2022-20429
In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-...
CVE-2022-20429
CVE-2022-20429 affects Android’s CarSettings component across Android-10/11/12/12L. The issue enables a local elevation of privilege in Bluetooth settings via a confused deputy, requiring no user interaction and permitting an adjacent attacker with no privileges to exploit (per the referenced NVD...
CVE-2022-20429
In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that stems from proxy obfuscation in the CarSettings of the application package, which can be exploited by an attacker to cause an elevation of privilege i...
Android Automotive OS Update Bulletin—October 2022Stay organized with collectionsSave and categorize content based on your preferences.
The Android Automotive OS AAOS Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2022-10-05 or later from the October 2022 Android Security Bulletin in addition to all issues in thi...