221 matches found
CVE-2023-41960
The vulnerability allows an unprivilegeduntrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself...
CVE-2023-41960
The CVE-2023-41960 entry describes an issue where an unprivileged third-party application can interact with a content-provider unsafely exposed by the Android Agent application, potentially allowing modification of sensitive settings in the Android Client. Affected component: Android Agent’s cont...
PT-2023-28192 · Unknown · Android Agent
Name of the Vulnerable Software and Affected Versions: Android Agent application affected versions not specified Description: The issue allows an unprivileged untrusted third-party application to interact with a content-provider unsafely exposed by the Android Agent application. This could...
CVE-2023-44129
Summary: CVE-2023-44129 affects LG-patched Android Messaging (com.android.mms) via the exported activity com.android.mms.ui.QClipIntentReceiverActivity. An attacker can trigger the activity, broadcast the action com.lge.message.action.QCLIP, and send their own data with Intent.FLAG_GRANT_*; the p...
CVE-2023-30725
Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider...
CVE-2023-30725
Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider...
Authentication flaw
Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider...
CVE-2023-30725
Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider...
SAMSUNG Galaxy Store Security Breach
SAMSUNG Galaxy Store is an application store by Samsung South Korea. A security vulnerability exists in SAMSUNG Galaxy Store version 4.5.56.6, which stems from an incorrect incoming intent filtering issue that allows a local attacker to access the Privileged Content Provider with Galaxy Store...
SUSE CVE-2016-2810
Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices Knox VPN module prior to SMR Aug-2022 Release 1, which stems from a vulnerability in the use ...
ASB-A-203229608
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-0799
In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-1976479...
Design/Logic Flaw
In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-1976479...
CVE-2021-0799
In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-1976479...
CVE-2021-25506
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service...
CVE-2021-25506
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service...
ASB-A-197647956
In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-25499
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store...
CVE-2021-25499
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store...