CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

104 matches found

Prion•added 2021/12/15 7:15 p.m.•13 views

Information disclosure

In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges...

2.1CVSS3.5AI score0.00013EPSS

Exploits0References1Affected Software1

Prion•added 2021/12/15 7:15 p.m.•9 views

Input validation

In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...

4.6CVSS7.7AI score0.00015EPSS

Exploits0References1Affected Software1

CVE•added 2021/12/15 6:6 p.m.•64 views

CVE-2021-1021

CVE-2021-1021 affects Google Android 12 (and related Android builds) where a flaw in SnoozeNotificationInt within NotificationManagerService.java allows disabling notifications for an arbitrary user due to improper input validation. This can enable local elevation of privilege with user-execution...

7.3CVSS7.3AI score0.00015EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/15 6:6 p.m.•8 views

CVE-2021-1021

In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

7.5AI score0.00015EPSS

Exploits0References1

CVE•added 2021/12/15 6:6 p.m.•62 views

CVE-2021-1031

CVE-2021-1031 : Android 12’s NotificationManagerService.cancelNotificationsFromListener can indirectly determine whether an app is installed via a side‑channel information disclosure, enabling local information disclosure without additional execution privileges. The issue is documented with a LOW...

3.3CVSS3.5AI score0.00013EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/15 6:6 p.m.•13 views

CVE-2021-1031

3.8AI score0.00013EPSS

Exploits0References1

Cvelist•added 2021/12/15 6:6 p.m.•12 views

CVE-2021-1030

In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges...

5.3AI score0.00014EPSS

Exploits0References1

CVE•added 2021/12/15 6:6 p.m.•64 views

CVE-2021-1030

CVE-2021-1030 affects Android 12 with a vulnerability in NotificationManagerService.setNotificationsShownFromListener that allows a local attacker to deduce whether an app is installed without query permissions via a side-channel. Impact is local information disclosure with no execution privilege...

5.5CVSS4.9AI score0.00014EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/12/15 6:6 p.m.•14 views

CVE-2021-0981

7.9AI score0.00015EPSS

Exploits0References1

OSV•added 2021/12/01 12:0 a.m.•4 views

PUB-A-194697001

5.5CVSS6.8AI score0.00014EPSS

Exploits0References2

OSV•added 2021/12/01 12:0 a.m.•6 views

PUB-A-194697004

3.3CVSS6.8AI score0.00013EPSS

Exploits0References2

Prion•added 2021/10/22 2:15 p.m.•16 views

Design/Logic Flaw

In sanitizeSbn of NotificationManagerService.java, there is a possible way to keep service running in foreground and keep granted permissions due to Bypass of Background Service Restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.2CVSS7.3AI score0.00011EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/10/22 1:27 p.m.•17 views

CVE-2021-0705

7.9AI score0.00011EPSS

Exploits0References1

CVE•added 2021/10/22 1:27 p.m.•106 views

CVE-2021-0705

CVE-2021-0705 concerns the Android Framework component, specifically in sanitizeSbn of NotificationManagerService.java. The connected documents describe a vulnerability where an attacker could bypass Background Service Restrictions to keep a service running in the foreground while retaining grant...

7.8CVSS7.3AI score0.00011EPSS

Exploits0References1Affected Software1

OSV•added 2021/10/06 3:15 p.m.•0 views

CVE-2021-0682

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS6.2AI score

Exploits0References1

NVD•added 2021/10/06 3:15 p.m.•10 views

CVE-2021-0682

5.5CVSS0.00033EPSS

Exploits0References1

Cvelist•added 2021/10/06 2:10 p.m.•11 views

CVE-2021-0682

5.4AI score0.00033EPSS

Exploits0References1

CVE•added 2021/10/06 2:10 p.m.•113 views

CVE-2021-0682

CVE-2021-0682 affects Android via a permissions check gap in NotificationManagerService.java (sendAccessibilityEvent), enabling local information disclosure of notifications. Affected: Android 8.1, 9, 10, 11. Exploitation: local, requires no user interaction, per description; no mitigation detail...

5.5CVSS5AI score0.00033EPSS

Exploits0References1Affected Software1

OSV•added 2021/10/01 12:0 a.m.•18 views

ASB-A-185388103

7.8CVSS7.8AI score0.00011EPSS

Exploits0References2

NVD•added 2021/06/21 5:15 p.m.•13 views

CVE-2021-0513

In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is n...

7.8CVSS0.00014EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by