Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:4 a.m.3 views

CVE-2023-20912

In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.6AI score0.00125EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:18 p.m.5 views

CVE-2023-20912

In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 2023/01/24 12:0 a.m.154 views

CVE-2023-20912

CVE-2023-20912 affects Android 13 where AvatarPickerActivity.java’s onActivityResult lacks a permission check, enabling local privilege escalation by letting an app access other users’ images. Exploitation reportedly requires no user interaction; CVSS shows HIGH severity (LOCAL, LOW PRIVILEGES, N...

7.8CVSS7.7AI score0.00125EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.5 views

CVE-2023-20912

In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.3AI score0.00125EPSS
Exploits0References1
Rows per page
Query Builder