104 matches found
CVE-2021-0513
CVE-2021-0513 concerns an elevation-of-privilege via the Android NotificationManagerService.java layer. The issue is described as a permission bypass caused by improper state validation in deleteNotificationChannel and related functions, enabling local escalation of privilege to hidden services w...
ASB-A-156090809
In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is n...
CVE-2021-25336
Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent...
Improper access control
Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent...
CVE-2021-25336
Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent...
CVE-2021-25336
CVE-2021-25336 affects Samsung mobile devices via improper access control in NotificationManagerService. The root cause is insufficient access checks that allow untrusted applications to obtain notification access by sending a crafted malicious intent. Documented impact is limited to exploitation...
CVE-2020-0313
In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154917989...
Information disclosure
In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154917989...
CVE-2020-0313
In CVE-2020-0313, the issue is in Android’s NotificationManagerService where an unsafe PendingIntent can bypass permissions, enabling local information disclosure with low requirements (local access, no user interaction). The vulnerability affects Android 11 and is characterized by a LOCAL attack...
CVE-2020-0313
In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154917989...
CVE-2020-0109
In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
Privilege escalation
In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
CVE-2020-0109
In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...
CVE-2020-0109
CVE-2020-0109 affects Android 9–10 and relates to NotificationManagerService.java: in simulatePackageSuspendBroadcast there is a missing permission check, enabling local privilege escalation by crafting fake system notifications without extra execution privileges. Public references indicate the i...
CVE-2020-0084
In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Design/Logic Flaw
In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0084
CVE-2020-0084 affects Android 10, where several functions in NotificationManagerService.java lack permission checks. This enables local escalation of privilege by creating fake system notifications with no extra privileges, and exploitation does not require user interaction. The Pixel Update Bull...
CVE-2020-0084
In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-2219
In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User...
Design/Logic Flaw
In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User...