Lucene search
K

464 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the lack of permission checks in the addInputMethodListener function within com.android.server.inputmethod.InputMethodManagerService. Th...

10CVSS5.3AI score0.00122EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.13 views

PT-2026-45610

Name of the Vulnerable Software and Affected Versions WindowManagerService affected versions not specified Description A tapjacking issue exists in the addWindow function of WindowManagerService.java, where a tapjacking or overlay attack—a technique where a malicious application overlays a...

7.8CVSS5.9AI score0.00067EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a permission bypass in the CredentialManagerService.java file’s updateProvidersWhenServiceRemoved method. This vulnerability may lead to...

3.3CVSS5.3AI score0.00065EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 12:0 a.m.11 views

ASB-A-389950114

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00067EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 12:0 a.m.10 views

ASB-A-449392803

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00071EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from improper input validation in multiple functions within DevicePolicyManagerService.java. These vulnerabilities may lead to local...

5.5CVSS5.3AI score0.00066EPSS
Exploits0References1
NVD
NVD
added 2026/04/29 5:16 a.m.10 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/29 4:46 a.m.30 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/29 4:46 a.m.6 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS5.2AI score0.00104EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/29 4:46 a.m.10 views

EUVD-2026-26192

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS5.2AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.9 views

PT-2026-35867

Name of the Vulnerable Software and Affected Versions PackageManagerService versions prior to SMR Mar-2026 Release 1 Description Insufficient verification of data authenticity in the PackageManagerService allows local attackers to modify the installation restriction of specific applications...

6.9CVSS5.8AI score0.00104EPSS
Exploits0References6
CNVD
CNVD
added 2026/03/09 12:0 a.m.4 views

Google Android elevation of privilege vulnerability (CNVD-2026-16155)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of privilege checking in the relayoutWindow function of WindowManagerService.java, which can be exploited by an attacker to gain...

8.4CVSS5.7AI score0.00094EPSS
Exploits0
OSV
OSV
added 2026/03/02 7:16 p.m.10 views

CVE-2026-0047

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS5.9AI score0.00138EPSS
Exploits1References1
NVD
NVD
added 2026/03/02 7:16 p.m.7 views

CVE-2026-0026

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS0.00096EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 7:16 p.m.8 views

CVE-2026-0026

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2026/03/02 7:16 p.m.13 views

CVE-2026-0010

In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS0.00094EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 7:16 p.m.4 views

CVE-2025-48634

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.3CVSS5.9AI score0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/02 6:43 p.m.20 views

CVE-2026-0047

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00138EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 6:43 p.m.7 views

CVE-2026-0047

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00138EPSS
Exploits1References3
CVE
CVE
added 2026/03/02 6:42 p.m.22 views

CVE-2026-0026

CVE-2026-0026 describes a logic error in Android’s PermissionManagerServiceImpl.java removePermission path that could allow overriding any system permission, enabling local privilege escalation. Exploitation requires user interaction, and no additional execution privileges are stated. The connect...

7.8CVSS6.1AI score0.00096EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder