EUVD-2022-25579

Malicious code in bioql PyPI...

PT-2025-1033 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a race condition in multiple functions of AccountManagerService.java, which could allow an attacker to bypass permissions and launch protected activities. This could...

CVE-2024-0015

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

PT-2024-4068 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to the ConvertToComponentName function in DreamService.java, which can be exploited due to intent redirection, potentially allowing an attacker to launch arbitrary...

PT-2023-18017 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software name or version is mentioned in the provided descriptions. Description: The issue is related to a missing permission check in the getIntentForButton method of ButtonManager.java. This could allow an unprivileged applicati...

CVE-2022-20550

In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

PT-2022-14763 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue allows for the launch of arbitrary protected activities due to a confused deputy, potentially leading to local escalation of privilege. This can be exploited with User execution privileges, a...

CVE-2022-20319

In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the US-based Google Inc. A security vulnerability exists in Google Android 13, which stems from the presence of a possible way for its DreamServices to initiate arbitrary protected activities due to an obfuscated agent, which could...

PT-2022-14544 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User...

Mail.ru: Launch Any Activity in MyMail App

An exported activity in My.Com Mail application could be used to launch protected activities...