26 matches found
PT-2026-4709
In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4712
Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can cause a UBSan failure. This issue may lead to a remote denial of service without requiring additional executio...
PT-2026-4695
In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4707
Name of the Vulnerable Software and Affected Versions ManagedServices affected versions not specified Description An issue exists in the setPackageOrComponentEnabled function of ManagedServices.java related to improper input validation. This can result in a notification policy desync, potentially...
PT-2026-4715
In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4689
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
PT-2026-4691
Name of the Vulnerable Software and Affected Versions Android devices with MDM affected versions not specified Description A logic error in the performPreInstallChecks function within InstallRepository.kt allows for a bypass of the Mobile Device Management MDM policy. This flaw enables local...
PT-2026-4692
In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4714
In multiple functions of ubsan throwing runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4696
In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4710
Name of the Vulnerable Software and Affected Versions GrapheneOS versions prior to 2026030200 Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can lead to a persistent denial of service. This issue allows for remote denial of service without requiring...
PT-2026-4705
Name of the Vulnerable Software and Affected Versions versions prior to 2026-0025 Description A permissions bypass exists in the hasImage function of Notification.java, potentially allowing information disclosure across users. This could lead to local escalation of privilege without requiring...
PT-2026-4708
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2026-4703
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the PackageInstallerService.java component, specifically within the createSessionInternal function. This issue allows an application to potentially alter its ownership due to...
PT-2026-4693
In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4700
In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2026-4713
In multiple functions of ubsan throwing runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4688
In loadDescription of DeviceAdminInfo.java, there is a possible persistent package due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4687
In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4698
In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...