38 matches found
CVE-2021-0987
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User...
EUVD-2020-19556
Malware in sbrugna...
EUVD-2020-1612
Malware in sbrugna...
EUVD-2020-1753
Malware in sbrugna...
EUVD-2017-4839
Malware in sbrugna...
EUVD-2021-3606
Malicious code in bioql PyPI...
EUVD-2021-6501
Malicious code in bioql PyPI...
EUVD-2021-6482
Malicious code in bioql PyPI...
EUVD-2021-6481
Malicious code in bioql PyPI...
EUVD-2021-6472
Malicious code in bioql PyPI...
CVE-2021-1034
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. This could lead to localinformation disclosure with no additional execution privileges needed. Userinteraction is...
CVE-2020-0106
In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Google Android elevation of privilege vulnerability (CNVD-2023-12020)
Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in the enforceVisualVoicemailPackage of PhoneInterfaceManager.java in Google Android version 13.0, which stems from a privilege bypass issue. An attacker can exploit the...
Design/Logic Flaw
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20525
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-1034
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. This could lead to localinformation disclosure with no additional execution privileges needed. Userinteraction is...
CVE-2021-1014
In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Us...
CVE-2021-1015
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interactio...
CVE-2021-1005
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User...
Information disclosure
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User...