49 matches found
CVE-2026-58036
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php,...
CVE-2026-0026
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0026
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0026
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0026
CVE-2026-0026 describes a logic error in Android’s PermissionManagerServiceImpl.java removePermission path that could allow overriding any system permission, enabling local privilege escalation. Exploitation requires user interaction, and no additional execution privileges are stated. The connect...
PT-2026-22674
In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
EUVD-2025-27008
Malicious code in bioql PyPI...
EUVD-2023-25495
Malicious code in bioql PyPI...
CVE-2025-26461
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2025-26461
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2025-26461
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2025-26461
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2025-26461
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
PT-2025-36237
Name of the Vulnerable Software and Affected Versions: Permission Manager affected versions not specified Description: In Permission Manager, the microphone privacy indicator may remain activated even after a user attempts to close the application. This is due to a logic error in the code and cou...
CVE-2023-21327
In Permission Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21341
In Permission Manager, there is a possible way to bypass required permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-1013
In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no...
CVE-2021-26280 Permission bypass vulnerability in permission manager module
Locally installed application can bypass the permission check and perform system operations that require permission...
CVE-2021-26280 Permission bypass vulnerability in permission manager module
Locally installed application can bypass the permission check and perform system operations that require permission...
CVE-2021-26280
CVE-2021-26280 (Vivo Permission manager module) is a locally exploitable vulnerability where a locally installed app can bypass permission checks and perform system operations that require permissions. The entry is supported by multiple sources (NVD, Red Hat, CVE listing) indicating a local attac...