70 matches found
CVE-2022-20299
In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20303
In ContentService, there is a possible way to determine if an account is on the device without GETACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20298
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20303
In ContentService, there is a possible way to determine if an account is on the device without GETACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20296
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Information disclosure
In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Information disclosure
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Information disclosure
In ContentService, there is a possible way to determine if an account is on the device without GETACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...
Information disclosure
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Information disclosure
In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
Information disclosure
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates in ContentService, which allows checking the presence of an established account on the device due to a missing license check. An attacker...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android 13, which stems from a possible method to determine the type of account available in its ContentService due to a lack of permission checking, whic...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android 13, which stems from a lack of permission checking in ContentService, which could potentially check for the existence of an account on the device,...
CVE-2022-20305
CVE-2022-20305 affects Android 13 ContentService. The issue is a missing permission check that allows a local attacker to disclose information about available account types. Exploitation requires user execution privileges but does not require user interaction. The CVSSv3.1 vector indicates a Loca...
CVE-2022-20303
In ContentService, there is a possible way to determine if an account is on the device without GETACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20303
CVE-2022-20303 (Android 13) in ContentService: a missing permission check allows an account-detection information disclosure without GET_ACCOUNTS permission. Local attacker with low privileges and no user interaction can reveal whether an account exists on the device. Mitigation is included in An...
CVE-2022-20299
CVE-2022-20299 affects the Android 13 ContentService. The vulnerability stems from a missing permission check that allows checking if a given account exists on the device, leading to local information disclosure. Exploitation would require local access with user privileges but does not require us...
CVE-2022-20299
In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20298
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...