120 matches found
CVE-2020-0289
In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996872...
CVE-2020-0290
In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996866...
ASB-A-247513680
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21300
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...
Information disclosure
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...
CVE-2023-21300
Summary: CVE-2023-21300 affects Android’s PackageManager and arises from a side-channel information disclosure that allows a local attacker to infer whether an app is installed without query permissions. This is described as a local information disclosure with no additional execution privileges r...
CVE-2023-21300
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...
CVE-2023-21300
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...
PT-2023-18080 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue concerns a side channel information disclosure in PackageManager, allowing an attacker to determine whether an app is installed without requiring query permissions. This could lea...
CVE-2023-40653
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
CVE-2023-40654
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
CVE-2023-40653
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
Design/Logic Flaw
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
CVE-2023-40653
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
CVE-2023-40654
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
CVE-2023-40654
CVE-2023-40654 affects FW-PackageManager due to a missing permission check, enabling local privilege escalation with System execution privileges. Public references describe the issue across multiple feeds (NVD, Red Hat, PRION, CVE list, CNNVD, PT-Security) but do not provide a product version or ...
CVE-2023-40653
CVE-2023-40653 concerns the FW-PackageManager with a missing permission check that could enable local escalation of privileges to SYSTEM. Multiple connected sources corroborate the description across vendors and databases (NVD, Red Hat, CVE/CVE List, CNNVD, PT-2023-27575). The core impact is loca...
CVE-2023-40654
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed...
ASB-A-266580022
In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-242537498
In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...