64 matches found
CVE-2023-49248
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access...
EUVD-2022-25775
Malicious code in bioql PyPI...
EUVD-2023-53251
Malicious code in bioql PyPI...
EUVD-2022-25474
Malicious code in bioql PyPI...
EUVD-2022-25734
Malicious code in bioql PyPI...
June 10, 2025—KB5060526 (OS Build 20348.3807)
June 10, 2025—KB5060526 OS Build 20348.3807 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview, see the update history page for Windows Server 2022, Follow @WindowsUpdate to find out when new content is publishe...
CVE-2023-21098
In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20474
In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-37004
The Settings application has a vulnerability of bypassing the out-of-box experience OOBE. Successful exploitation of this vulnerability may affect the availability...
CVE-2022-20214
In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210...
CVE-2020-0271
In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081...
CVE-2025-20909
Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information...
OBS 1.0 Shell Upload Vulnerability
Titles: OBS by: oretnom23 v1.0 -Copyright © 2025. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vulnerabilities Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software:...
CVE-2018-9477
In the development options section of the Settings app, there is a possible authentication bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2018-9477
In the development options section of the Settings app, there is a possible authentication bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2018-9477
In the development options section of the Settings app, there is a possible authentication bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
PT-2024-10711 · Unknown · Settings App
Name of the Vulnerable Software and Affected Versions: Settings app affected versions not specified Description: The issue is related to a possible authentication bypass in the development options section of the Settings app due to a missing permission check. This could lead to local escalation o...
CVE-2024-40652
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2024-40652
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2024-40652
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...