18 matches found
EUVD-2022-25805
Malicious code in bioql PyPI...
CVE-2023-21139
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20545
In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
ASB-A-271851153
In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android elevation of privilege vulnerability (CNVD-2023-50829)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an Unsafe Intent in the bindPlayer of MediaControlPanel.java. An attacker can exploit this vulnerability to elevate privileges...
CVE-2023-21139
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Privilege escalation
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Design/Logic Flaw
In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21126
In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21139
CVE-2023-21139 is tied to Android 13 in the SysUI component, where the unsafe Intent in the MediaControlPanel.java function bindPlayer can launch a privileged activity. This creates a local elevation-of-privilege risk with no extra execution privileges and no user interaction required for exploit...
ASB-A-271845008
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Input validation
In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20545
In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20545
In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
PUB-A-239368697
In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android bind denial of service vulnerability
Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. A denial of service vulnerability exists in Google Android bind. The vulnerability is caused due to a failure to properly validate inputs in the MediaControlPanel.java bind. An attacker...
CVE-2021-0551
In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
Google Android 注入漏洞
Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. A denial of service vulnerability exists in Google Android bind. The vulnerability is caused due to a failure to properly validate inputs in the MediaControlPanel.java bind. An attacker...