371 matches found
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an Improper Access Control vulnerability, which stems from an Improper Access Control vulnerability in the Xiao Yi Input Method...
CVE-2023-21336
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21337
In InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21338
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2023-21336
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21338
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...
Input validation
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2023-21338
CVE-2023-21338 affects Android’s Input Method. The issue is a side-channel information disclosure that lets an app determine whether another app is installed without query permissions, enabling local elevation of privilege with no additional execution privileges required. The Android 14 security ...
CVE-2023-21336
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21338
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2023-21336
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21338
In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2023-21336
CVE-2023-21336 concerns an information disclosure vulnerability in Android’s Input Method, where side-channel information can reveal whether an app is installed without query permissions. The issue is described as a local information disclosure with no extra execution privileges required, and exp...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability, which is caused by the disclosure of side channel information in the input method. The vulnerability can be exploited by an attacker to obtain sensitive...
PT-2023-18113 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions affected versions not specified Description: In InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local...
PT-2023-18112 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: In the Input Method, there is a possible way to determine whether an app is installed without query permissions due to side channel information disclosure. This could lead to local...
PT-2023-18114 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions affected versions not specified Description: In the Input Method, there is a possible way to determine whether an app is installed without query permissions due to side channel information disclosure. This could lead to local...
CVE-2023-39384
Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally...
CVE-2023-39384
Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally...
CVE-2023-39384
Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally...