CVE-2022-20298

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20296

This CVE affects Android 13 ContentService. The issue is a missing permission check that allows an attacker with local access to determine whether an account exists on the device, enabling local information disclosure. Exploitation is rated as LOCAL with LOW exploit complexity and requires LOW pr...

CVE-2022-20296

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20295

CVE-2022-20295 affects Android 13 via a missing permission check in ContentService, enabling information disclosure by checking whether an account exists on the device. Impact is local, with no user interaction required beyond local access; exploits are described as requiring user privileges but ...

CVE-2022-20295

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2022-14521 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges...

PT-2022-14529 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue concerns a missing permission check in the ContentService, allowing potential local information disclosure without requiring the GET ACCOUNTS permission. This could be exploited with User...

PT-2022-14525 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In ContentService, there is a possible way to check if a given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution...

Google Android system service ContentService suffers from a null object reference vulnerability

Google Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Consortium. A null object reference vulnerability exists in the Google Android system service ContentService. The vulnerability stems from an exception in the parameters passed to t...

CVE-2016-2426

server/content/ContentService.java in the Framework component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a GETACCOUNTS permission, which allows attackers to obtain sensitive information via a crafted application, aka internal...