95 matches found
CVE-2019-9280
In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...
CVE-2019-9280
In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...
Privilege escalation
In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...
CVE-2019-9280
In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...
CVE-2019-9280
CVE-2019-9280 affects Android 10 (Framework). The issue is an elevation-of-privilege in the keyguard caused by improper permission checks, enabling a local bypass of the keyguard under limited circumstances. Exploitation requires user execution privileges, but no user interaction is required. Aff...
Google Beefs Up Android Key Security for Mobile Apps
Google is making a few tweaks to its tools for Android mobile developers to boost the security of their wares – an apropos announcement against the backdrop of recent security issues stemming from poor development practices. Cryptographical changes this week for Android Keystore give developers...
Command injection
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier...
CVE-2017-2692
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier...
CVE-2017-2692
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier...
CVE-2017-2692
CVE-2017-2692 affects Huawei EMUI (Keyguard) on numerous devices/builds. The issue is a privilege-elevation vulnerability caused by insufficient validation in the Keyguard app, allowing an attacker to inject commands to gain elevated privileges. Exploitation is described as possible via user inte...
CVE-2017-2692
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier...
Huawei EMUI Elevation of Privilege Vulnerability
Huawei EMUI is a set of intelligent terminal human-computer interaction system based on the Android platform developed by China's Huawei Huawei. An elevation of privilege vulnerability exists in Huawei EMUI, which stems from a failure to adequately check specific parameters in the keyguard...
Security Advisory - Two Security Vulnerabilities in Huawei EMUI
Huawei EMUI3.1 has two vulnerabilities. The Keyguard application in Huawei EMUI3.1 has a privilege elevation vulnerability due to insufficient validation on specific parameters. An attacker may trick a user into installing a malicious application. Successful exploit could allow the attacker to...
Design/Logic Flaw
packages/Keyguard/res/layout/keyguardpasswordview.xml in Lockscreen in Android 5.x before 5.1.1 LMY48M does not restrict the number of characters in the passwordEntry input field, which allows physically proximate attackers to bypass intended access restrictions via a long password that triggers ...
CVE-2015-3860
CVE-2015-3860 is a Lockscreen elevation-of-privilege flaw in Android 5.0/5.1 (build LMY48M) where the passwordEntry field in Keyguard does not cap input length, enabling a physical attacker to crash SystemUI and bypass the lock screen. Affected versions include Android 5.0 and 5.1 up to 5.1.0; Go...