EUVD-2022-51204

Malicious code in bioql PyPI...

EUVD-2025-26798

Malicious code in bioql PyPI...

EUVD-2023-25284

Malicious code in bioql PyPI...

CVE-2024-41984

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications...

CVE-2022-39008

The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps...

CVE-2022-48508

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...

Authorization

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...

CVE-2022-48508

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...

CVE-2022-48508

CVE-2022-48508 corresponds to an improper/ inappropriate authorization vulnerability in Huawei HarmonyOS system apps. The CNVD/CNNVD and Red Hat/ENISA entries describe a security bypass that could allow an attacker to bypass authentication and gain administrative access on HarmonyOS/EMUI devices....

CVE-2022-48508

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity...

CVE-2023-21116

In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

CVE-2023-21116

In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

PT-2023-17908 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A logic error in the code of InstallPackageHelper.java, specifically in the verifyReplacingVersionCode function, allows for a possible downgrade of system apps below the system image...

ASB-A-256202273

In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

CVE-2022-20268

In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed...

PT-2022-14491 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterpri...

Android apps with millions of downloads exposed to high-severity vulnerabilities

Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote albeit complex or local attacks. The vulnerabilities, which affected apps...

CVE-2021-46787

The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash...

The vulnerability of system applications in the HarmonyOS operating system, related to privilege management errors, allows a perpetrator to alter the user’s pseudonym.

The vulnerability of HarmonyOS’ system applications is related to privilege management errors. Exploiting this vulnerability allows a malicious actor to remotely change a user’s username...

The vulnerability of system applications in the HarmonyOS operating system arises from insufficient validation of input data, allowing attackers to increase their privileges.

The vulnerability of system applications in the HarmonyOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...