16 matches found
EUVD-2023-44742
Malicious code in bioql PyPI...
CVE-2024-0037
In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
ASB-A-286235483
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's image content. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40122
In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Information disclosure
In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0037
The CVE-2024-0037 entry describes a local information disclosure in Android’s SaveUi.java, where applyCustomDescription can view other users’ images due to a missing permission check. Exploitation is possible with local attacker privileges and does not require user interaction. Connected document...
CVE-2024-0037
In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40122
CVE-2023-40122 : Affected component is Android’s SaveUi.java (applyCustomDescription). The issue enables a confused deputy to disclose another user’s images via local information disclosure, requiring no additional execution privileges and no user interaction. This is a local vulnerability; no re...
CVE-2023-40122
In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android, which stems from a lack of permission checking in the applyCustomDescription method of the SaveUi.java file, which allows viewing images belonging...
CVE-2023-40135
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Information disclosure
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40135
CVE-2023-40135 affects Android, where in SaveUi.java’s applyCustomDescription a logic error (confused deputy) can allow viewing another user’s images. This results in local information disclosure with no extra execution privileges and no user interaction required. The issue is documented in multi...
CVE-2023-40135
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40135
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-27287 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX affected versions not specified Description: The issue is related to a confused deputy in the applyCustomDescription function of SaveUi.java, allowing an attacker to view another user's images. This could lead to local information...