42 matches found
PT-2023-18056 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a missing permission check in the visitUris method of RemoteViews.java, which could lead to local information disclosure across users. This requires User execution...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android, which stems from a lack of permission checking in the visitUris module of RemoteViews.java, with a possible method to disclose images between user...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a lack of privilege checks in visitFrees of RemoteViews.java. An attacker can exploit this vulnerability to gain elevated privileges...
ASB-A-281018094
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21238
In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21238
In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21238
In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-18024 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: In the visitUris method of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional...
ASB-A-277740848
In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-268193777
In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Samsung mobile RemoteViews Elevation of Privilege Vulnerability (CNVD-2022-67278)
Samsung mobile is a cell phone from Samsung, a South Korean company. Samsung mobile RemoteViews suffers from an elevation of privilege vulnerability that stems from incorrect authentication in RemoteViews. An attacker could use this vulnerability to launch certain activities...
CVE-2022-30710
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
CVE-2022-30710
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
CVE-2022-30710
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
Input validation
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
CVE-2022-30710
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
CVE-2022-30710
CVE-2022-30710 affects Samsung Mobile (Android) RemoteViews. The vulnerability is described as an improper validation in RemoteViews prior to the SMR Jun-2022 Release 1, enabling attackers to launch certain activities. Public sources (NVD, Red Hat, CNVD) align on elevation/privilege aspects, with...
Samsung mobile 输入验证错误漏洞
Samsung mobile is a cell phone from Samsung, a South Korean company. Samsung mobile RemoteViews suffers from an elevation of privilege vulnerability that stems from incorrect authentication in RemoteViews. An attacker could use this vulnerability to launch certain activities...
Code injection
In isRestricted of RemoteViews.java, there is a possible way to inject font files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Andro...
PUB-A-179461812
In isRestricted of RemoteViews.java, there is a possible way to inject font files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...