CVE-2019-2219

CVE-2019-2219 affects the Android Framework, specifically when linked to NotificationManagerService and related files. The described issue is a local elevation of privilege due to a permission bypass that could allow recording audio from the background without user notification, requiring User ex...

Design/Logic Flaw

In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interaction is not needed for exploitation. Product:...

CVE-2019-2098

CVE-2019-2098 affects Android 7.0–9 and is tied to a missing permissions check in NotificationManagerService.java areNotificationsEnabledForPackage, enabling local elevation of privilege with no additional privileges and no user interaction required. The issue impacts Android’s System/notificatio...

CVE-2016-3884

CVE-2016-3884 affects Android's Notification Manager Service (server/notification/NotificationManagerService.java) in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01. The root cause is missing UID checks, which allows a crafted application to bypass restrictions on method calls, constitut...