Lucene search
+L

59 matches found

redhatcve
redhatcve
added 2026/01/09 11:18 a.m.7 views

CVE-2021-0598

In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

7.3CVSS6.7AI score0.00115EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:16 a.m.13 views

CVE-2021-0333

In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User...

7.3CVSS7AI score0.00302EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/12/08 4:57 p.m.3 views

CVE-2025-48639

In DefaultTransitionHandler.java, there is a possible way to unknowingly grant permissions to an app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

6.4AI score0.00091EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/12/08 4:57 p.m.3 views

CVE-2025-48597

In multiple locations, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score0.00074EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/10/23 12:0 a.m.9 views

PT-2025-43482

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the Android Framework component where insufficient input validation can be exploited to trick a user into accepting a permission through a tapjacking or overlay attack. This...

7.8CVSS6.3AI score0.00074EPSS
Exploits0References8
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2021-26049

Malware in sbrugna...

9.3CVSS7.5AI score0.00698EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-26026

Malware in sbrugna...

7.8CVSS7.6AI score0.00095EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-3010

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00657EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-2952

Malicious code in bioql PyPI...

7.3CVSS7.4AI score0.00302EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-6503

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.0032EPSS
Exploits0References1
cve
cve
added 2025/09/04 6:34 p.m.39 views

CVE-2025-32350

The CVE-2025-32350 issue affects Google Android Framework: in maybeShowDialog of ControlsSettingsDialogManager.kt there can be an overlay/tapjacking that causes a ControlsSettingsDialog to overlap, enabling local elevation of privilege without extra user interaction. The Android Security Bulletin...

7.8CVSS6.3AI score0.00081EPSS
Exploits0References2Affected Software1
osv
osv
added 2025/09/02 11:15 p.m.5 views

CVE-2025-22419

In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.3CVSS5.9AI score0.00076EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/09/02 12:0 a.m.7 views

PT-2025-35624

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A tapjacking/overlay attack could mislead a user into enabling malicious phone call forwarding, potentially leading to local escalation of privilege. User interaction is required for exploitation...

7.3CVSS6AI score0.00076EPSS
Exploits0References5
nessus
nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-39796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attac...

7.3CVSS7.5AI score0.00156EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/22 11:34 p.m.4 views

CVE-2022-20215

In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

5.5CVSS6AI score0.00126EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:2 p.m.12 views

CVE-2022-33723

A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack...

6.1CVSS7AI score0.0013EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:20 p.m.12 views

CVE-2022-20443

In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS7.1AI score0.00089EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:20 p.m.8 views

CVE-2022-20520

In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to local escalation of privilege or denial of server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227203202...

7.8CVSS7AI score0.00189EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 8:42 p.m.5 views

CVE-2021-0963

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

7.1CVSS6.6AI score0.00197EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 7:1 p.m.8 views

CVE-2021-0954

In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID:...

7.3CVSS7.7AI score0.00261EPSS
Exploits0References1
Rows per page
Query Builder