Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

51 matches found

NVD
NVDadded 2023/03/24 8:15 p.m.10 views

CVE-2023-21026

In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS5.4AI score0.00015EPSS
Exploits0References1
Prion
Prionadded 2023/03/24 8:15 p.m.13 views

Code injection

In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

1.7CVSS5.3AI score0.00015EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2023/03/24 12:0 a.m.85 views

CVE-2023-21026

CVE-2023-21026 affects Android 13 on the WindowManagerService component, specifically the updateInputChannel path in WindowManagerService.java. A logic error could allow an attacker to extend a touchable region beyond the owner SurfaceControl, enabling a local denial-of-service condition without ...

5.5CVSS5.3AI score0.00015EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2023/02/09 7:15 p.m.19 views

CVE-2023-21440

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...

6.2CVSS6.2AI score0.0006EPSS
Exploits0References1
Prion
Prionadded 2023/02/09 7:15 p.m.16 views

Improper access control

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...

1.9CVSS5.5AI score0.0006EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2023/02/09 12:0 a.m.2 views

PT-2023-18207 · Unknown · Windowmanagerservices

Name of the Vulnerable Software and Affected Versions: WindowManagerService versions prior to SMR Feb-2023 Release 1 Description: The issue is related to improper access control in the WindowManagerService, allowing attackers to capture the screen. Recommendations: For versions prior to SMR...

6.2CVSS5.3AI score0.0006EPSS
Exploits0References2
CVE
CVEadded 2023/02/09 12:0 a.m.61 views

CVE-2023-21440

The CVE-2023-21440 entry maps to an improper access control vulnerability in the WindowManagerService, affecting Samsung Android devices. Root cause: WindowManagerService prior to SMR Feb-2023 Release 1 allows an attacker to capture the screen. Impact: potential exposure of screen content (confid...

6.2CVSS5.4AI score0.0006EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/02/09 12:0 a.m.6 views

CVE-2023-21440

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...

6.2CVSS7AI score0.0006EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/02/09 12:0 a.m.18 views

CVE-2023-21440

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...

6.2CVSS6.5AI score0.0006EPSS
Exploits0References1
OSV
OSVadded 2022/12/08 4:15 p.m.1 views

CVE-2022-39899

Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture...

4.3CVSS5.8AI score0.0002EPSS
Exploits0References1
NVD
NVDadded 2022/12/08 4:15 p.m.9 views

CVE-2022-39899

Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture...

5.7CVSS0.0002EPSS
Exploits0References1
Prion
Prionadded 2022/12/08 4:15 p.m.6 views

Authentication flaw

Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture...

2.1CVSS4.8AI score0.0002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/12/08 12:0 a.m.12 views

CVE-2022-39899

Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture...

5.7CVSS5.9AI score0.0002EPSS
Exploits0References1
CVE
CVEadded 2022/12/08 12:0 a.m.51 views

CVE-2022-39899

CVE-2022-39899 is an improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1. The issue can allow a local attacker to send input events via S Pen gestures due to insufficient authentication around the WindowManagerService. Affected software is Samsung...

5.7CVSS4.7AI score0.0002EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/12/08 12:0 a.m.5 views

CVE-2022-39899

Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture...

5.7CVSS7.2AI score0.0002EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/12/08 12:0 a.m.2 views

PT-2022-25092 · Samsung · Windowmanagerservices

Name of the Vulnerable Software and Affected Versions: Samsung WindowManagerService versions prior to SMR Dec-2022 Release 1 Description: The issue is related to improper authentication in the Samsung WindowManagerService, allowing an attacker to send input events using S Pen gestures...

5.7CVSS4.6AI score0.0002EPSS
Exploits0References3
NVD
NVDadded 2022/07/13 7:15 p.m.10 views

CVE-2022-20226

In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...

3.9CVSS0.00015EPSS
Exploits0References1
OSV
OSVadded 2022/07/13 7:15 p.m.1 views

CVE-2022-20226

In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...

3.9CVSS5.9AI score
Exploits0References1
CVE
CVEadded 2022/07/13 6:23 p.m.129 views

CVE-2022-20226

CVE-2022-20226 affects Android 12 / 12L. Root cause: in finishDrawingWindow of WindowManagerService.java, improper input validation enables tapjacking. This could allow local escalation of privilege with User privileges required; exploitation requires user interaction. Affected component is the W...

3.9CVSS4.5AI score0.00015EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2022/07/01 12:0 a.m.14 views

ASB-A-213644870

In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

3.9CVSS4.4AI score0.00015EPSS
Exploits0References3
Rows per page
Query Builder