CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

67 matches found

Prion•added 2022/06/15 2:15 p.m.•13 views

Design/Logic Flaw

In ACTIONMANAGEDPROFILEPROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGEDPROFILEPROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.2CVSS7.6AI score0.00209EPSS

Exploits0References1Affected Software1

CVE•added 2022/06/15 1:23 p.m.•91 views

CVE-2022-20204

CVE-2022-20204 concerns Android 12L where the function DevicePolicyManagerService.registerRemoteBugreportReceivers lacks a required permission check. The flaw allows forging bug reports, enabling local elevation of privilege with no additional execution privileges and no user interaction required...

7.8CVSS7.6AI score0.00102EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/06/15 1:2 p.m.•23 views

CVE-2022-20138

7.9AI score0.00209EPSS

Exploits0References1

CNVD•added 2022/06/14 12:0 a.m.•8 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-52272)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in DevicePolicyManagerService.java's registerRemoteBugreportReceivers. Due to the lack of permission checking, a forged error report ma...

7.8CVSS4.4AI score0.00102EPSS

Exploits0References1

OSV•added 2022/06/01 12:0 a.m.•22 views

ASB-A-210469972

7.8CVSS7.8AI score0.00209EPSS

Exploits0References3

OSV•added 2021/12/15 7:15 p.m.•2 views

CVE-2021-0986

In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information disclosure about the device owner, profile owner, or device admin due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User...

5.5CVSS5.9AI score0.0011EPSS

Exploits0References1

NVD•added 2021/12/15 7:15 p.m.•12 views

CVE-2021-0986

5.5CVSS0.0011EPSS

Exploits0References1

NVD•added 2021/12/15 7:15 p.m.•8 views

CVE-2021-0982

In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

3.3CVSS0.00104EPSS

Exploits0References1

NVD•added 2021/12/15 7:15 p.m.•25 views

CVE-2021-0983

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges neede...

3.3CVSS0.0011EPSS

Exploits0References1

Prion•added 2021/12/15 7:15 p.m.•16 views

Information disclosure

2.1CVSS3.7AI score0.00104EPSS

Exploits0References1Affected Software1

Prion•added 2021/12/15 7:15 p.m.•14 views

Information disclosure

2.1CVSS3.5AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/15 6:6 p.m.•16 views

CVE-2021-0986

5.4AI score0.0011EPSS

Exploits0References1

CVE•added 2021/12/15 6:6 p.m.•66 views

CVE-2021-0982

CVE-2021-0982 affects Android 12 and is due to a missing permission check in getOrganizationNameForUser within DevicePolicyManagerService.java, leading to local information disclosure without requiring user interaction. The vulnerability enables disclosure of organization name information with lo...

3.3CVSS3.6AI score0.00104EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/15 6:6 p.m.•12 views

CVE-2021-0982

3.9AI score0.00104EPSS

Exploits0References1

CVE•added 2021/12/15 6:6 p.m.•79 views

CVE-2021-0983

CVE-2021-0983 affects Android 12L in the DevicePolicyManagerService.createAdminSupportIntent, enabling local information disclosure of the installed device/profile owner package name via a side-channel. Exploitation requires no user interaction and does not require additional privileges; impact i...

3.3CVSS3.5AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/15 6:6 p.m.•13 views

CVE-2021-0983

3.8AI score0.0011EPSS

Exploits0References1

Positive Technologies•added 2021/12/15 12:0 a.m.•2 views

PT-2021-13391 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 Description: The issue is related to a logic error in the code of DevicePolicyManagerService.java, specifically in the hasGrantedPolicy function. This error could lead to local information disclosure about the devi...

5.5CVSS5.2AI score0.0011EPSS

Exploits0References3

NVD•added 2021/06/22 11:15 a.m.•17 views

CVE-2021-0568

In onReceive of DevicePolicyManagerService.java, there is a possible enabling of disabled profiles due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS0.00107EPSS

Exploits0References1

Prion•added 2021/06/22 11:15 a.m.•15 views

Design/Logic Flaw

4.6CVSS7.6AI score0.00107EPSS

Exploits0References1Affected Software1

CVE•added 2021/06/22 10:57 a.m.•71 views

CVE-2021-0568

The CVE-2021-0568 entry relates to Android 11 and specifically the DevicePolicyManagerService.java onReceive path. The vulnerability is described as a missing permission check that could enable disabled profiles, resulting in local elevation of privilege with no extra execution privileges require...

7.8CVSS7.6AI score0.00107EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by