Lucene search
K

101 matches found

Cvelist
Cvelist
added 2022/10/07 12:0 a.m.29 views

CVE-2022-39869

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVEPERSISTENTBANNER broadcast...

4CVSS7.5AI score0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.4 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 1.7.89.0, which stems from an improper access control vulnerability in...

7.5CVSS7.4AI score0.00342EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.3 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 1.7.89.0 due to an improper access control vulnerability in...

7.5CVSS7.4AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2022/06/15 2:15 p.m.4 views

CVE-2022-20206

In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS6.8AI score0.00103EPSS
Exploits0References1
OSV
OSV
added 2022/06/01 12:0 a.m.4 views

PUB-A-220737634

In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6.1AI score0.00103EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2022/05/23 12:0 a.m.18 views

Microsoft Update Notification Manager Privilege Escalation Vulnerability

Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation...

7.8CVSS4.1AI score0.02928EPSS
In wildExploits0
OSV
OSV
added 2022/05/10 8:15 p.m.3 views

DEBIAN-CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/10 8:15 p.m.7 views

CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS6.1AI score0.00126EPSS
Exploits0References2
OSV
OSV
added 2022/05/10 8:15 p.m.3 views

UBUNTU-CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS5.9AI score0.00126EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2022/03/24 12:0 a.m.3 views

VulnCheck KEV: CVE-2020-0638

Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation...

7.8CVSS7.1AI score0.02928EPSS
Exploits0References1
OSV
OSV
added 2022/03/16 3:15 p.m.4 views

CVE-2021-39704

In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS5.9AI score0.00189EPSS
Exploits0References1
Prion
Prion
added 2022/03/16 3:15 p.m.27 views

Design/Logic Flaw

In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

4.6CVSS7.6AI score0.00189EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/12/15 7:15 p.m.2 views

CVE-2021-1031

In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges...

3.3CVSS5.9AI score0.0011EPSS
Exploits0References1
OSV
OSV
added 2021/12/15 7:15 p.m.3 views

CVE-2021-1030

In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges...

5.5CVSS6.2AI score0.00111EPSS
Exploits0References1
OSV
OSV
added 2021/12/15 7:15 p.m.3 views

CVE-2021-0981

In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...

7.8CVSS7.2AI score0.00116EPSS
Exploits0References1
OSV
OSV
added 2021/10/22 2:15 p.m.4 views

CVE-2021-0705

In sanitizeSbn of NotificationManagerService.java, there is a possible way to keep service running in foreground and keep granted permissions due to Bypass of Background Service Restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2021/06/21 5:15 p.m.1 views

CVE-2021-0513

In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is n...

7.8CVSS7.2AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/03 12:0 a.m.4 views

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in Google Android NotificationManagerService.java. An attacker can exploit this vulnerability to escalate privileges...

7.8CVSS5.7AI score0.00199EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/03/02 12:0 a.m.5 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the USGoogleOpen Handheld Alliance Google. A security vulnerability exists in Google Android/Pixel that stems from a PendingIntent error in updateMwi of NotificationMgr.java that could bypass permissions. This could result in the...

7.8CVSS7.3AI score0.00127EPSS
Exploits0References3
OSV
OSV
added 2020/10/14 2:15 p.m.6 views

CVE-2020-0398

In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android I...

5.5CVSS6.7AI score0.00186EPSS
Exploits0References1
Rows per page
Query Builder