23 matches found
EUVD-2023-25284
Malicious code in bioql PyPI...
EUVD-2022-51204
Malicious code in bioql PyPI...
EUVD-2025-26798
Malicious code in bioql PyPI...
CVE-2024-41984
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications...
CVE-2022-39008
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps...
CVE-2022-48508
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...
Authorization
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...
CVE-2022-48508
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...
CVE-2022-48508
CVE-2022-48508 corresponds to an improper/ inappropriate authorization vulnerability in Huawei HarmonyOS system apps. The CNVD/CNNVD and Red Hat/ENISA entries describe a security bypass that could allow an attacker to bypass authentication and gain administrative access on HarmonyOS/EMUI devices....
CVE-2022-48508
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...
CVE-2023-21116
In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...
CVE-2023-21116
In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...
PT-2023-17908 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A logic error in the code of InstallPackageHelper.java, specifically in the verifyReplacingVersionCode function, allows for a possible downgrade of system apps below the system image...
ASB-A-256202273
In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...
CVE-2022-20268
In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed...
PT-2022-14491 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterpri...
Android apps with millions of downloads exposed to high-severity vulnerabilities
Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote albeit complex or local attacks. The vulnerabilities, which affected apps...
CVE-2021-46787
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash...
CVE-2021-0691
In the SELinux policy configured in systemapp.te, there is a possible way for systemapp to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo...
Jackman-AL00D 资源管理错误漏洞
Huawei Jackman-AL00D is a basic firmware for mobile devices from Huawei China. A resource management error vulnerability exists in Jackman-AL00D version 8.2.0.185 C00R2P1, which arises from improper management of system resources e.g., memory, disk space, files, etc. by a networked system or...