CVE-2023-40136

In setHeader of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2023-44744

Malicious code in bioql PyPI...

ASB-A-281666022

In setHeader of DialogFillUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-283264674

In multiple locations of DialogFillUi.java, there is a possible way to view another user's image. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-281665050

In createDatasetItems of DialogFillUi.java, there is a possible way to view another user's image. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Information disclosure

In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40137

In multiple functions of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40137

CVE-2023-40137 affects Android’s DialogFillUi.java and enables local information disclosure of other users’ images due to a confused deputy, with no extra privileges or user interaction required. The vulnerability is documented across multiple sources (NVD entry, CVE list, OSV/ARMS-like records) ...

CVE-2023-40136

In setHeader of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40133

In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40133

CVE-2023-40133: In multiple locations of DialogFillUi.java, a confused deputy vulnerability allows an attacker to perform local information disclosure by viewing another user’s images. This requires no user interaction and can be exploited with local privileges (low attack complexity, low privile...

PT-2023-27288 · Google · Android

Name of the Vulnerable Software and Affected Versions: DialogFillUi.java affected versions not specified Description: The issue is related to a confused deputy in the setHeader of DialogFillUi.java, allowing an attacker to view another user's images. This could lead to local information disclosur...