CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

57 matches found

NVD•added 2022/08/11 3:15 p.m.•14 views

CVE-2022-20246

In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00014EPSS

Exploits0References1

NVD•added 2022/08/11 3:15 p.m.•14 views

CVE-2022-20245

In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

2.4CVSS0.00025EPSS

Exploits0References1

ATTACKERKB•added 2022/08/11 3:15 p.m.•1 views

CVE-2022-20245

2.4CVSS5.9AI score0.00025EPSS

Exploits0References2

Prion•added 2022/08/11 3:15 p.m.•14 views

Information disclosure

2.1CVSS4.3AI score0.00025EPSS

Exploits0References1Affected Software1

Prion•added 2022/08/11 3:15 p.m.•14 views

Design/Logic Flaw

4.3CVSS7.9AI score0.00014EPSS

Exploits0References1Affected Software1

CVE•added 2022/08/11 3:8 p.m.•62 views

CVE-2022-20246

CVE-2022-20246 affects Android 13 (WindowManager). The issue is an incorrect UID/permission check that allows bypassing background-activity start restrictions, leading to local escalation of privilege without user interaction. Exploitation is local and requires no additional privileges; CVSS indi...

7.8CVSS7.9AI score0.00014EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/08/11 3:8 p.m.•11 views

CVE-2022-20246

8.2AI score0.00014EPSS

Exploits0References1

CVE•added 2022/08/11 3:7 p.m.•56 views

CVE-2022-20245

CVE-2022-20245 affects Android 13 and involves the WindowManager component. An insecure default value in WindowManager may allow a recorded lock-screen capture, leading to local information disclosure. Exploitation requires user interaction, and no additional execution privileges are needed. The ...

2.4CVSS4.3AI score0.00025EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/08/11 3:7 p.m.•12 views

CVE-2022-20245

4.8AI score0.00025EPSS

Exploits0References1

CNNVD•added 2022/08/11 12:0 a.m.•1 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android version 13, which stems from an insecure default value in WindowManager that can be exploited by an attacker to obtain sensitive information...

2.4CVSS5.1AI score0.00025EPSS

Exploits0References2

NVD•added 2022/06/15 1:15 p.m.•20 views

CVE-2021-39691

In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

7.3CVSS0.00012EPSS

Exploits0References1

Prion•added 2022/06/15 1:15 p.m.•15 views

Design/Logic Flaw

6.9CVSS7.2AI score0.00012EPSS

Exploits0References1Affected Software1

CVE•added 2022/06/15 12:57 p.m.•149 views

CVE-2021-39691

CVE-2021-39691 describes a tapjacking risk in Android’s WindowManager caused by an incorrect window flag when processing user input, enabling a local elevation of privilege with user interaction required. Affected: Android 10–12. Exploitation would be local; no remote access indicated. The issue ...

7.3CVSS7.2AI score0.00012EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/06/15 12:57 p.m.•13 views

CVE-2021-39691

7.5AI score0.00012EPSS

Exploits0References1

OSV•added 2022/06/01 12:0 a.m.•66 views

ASB-A-157929241

7.3CVSS7.3AI score0.00012EPSS

Exploits0References1

CNVD•added 2022/04/06 12:0 a.m.•14 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-26766)

Google Android is a Linux-based open-source operating system from the U.S. company Google. Google Android has a security vulnerability that stems from a lack of permission checks in WindowManager, which could be exploited by attackers to escalate privileges...

7.8CVSS6.2AI score0.00012EPSS

Exploits1References1

CNVD•added 2022/04/01 12:0 a.m.•12 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-26784)

Google Android is a Linux-based open-source operating system from the U.S. Google Android has an elevation of privilege vulnerability that stems from a lack of privilege checks in WindowManager, which could be exploited by attackers to gain elevated privileges...

7.8CVSS6.8AI score0.00014EPSS

Exploits0References1

NVD•added 2022/03/30 4:15 p.m.•16 views

CVE-2021-39749

In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS0.00012EPSS

Exploits1References1

NVD•added 2022/03/30 4:15 p.m.•13 views

CVE-2021-39758

In WindowManager, there is a possible way to start a foreground activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

7.8CVSS0.00014EPSS

Exploits0References1

Prion•added 2022/03/30 4:15 p.m.•15 views

Privilege escalation

7.2CVSS7.8AI score0.00012EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by