9 matches found
CVE-2023-21088
In deliverOnFlushComplete of LocationProviderManager.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
CVE-2023-21081
In multiple functions of PackageInstallerService.java and related files, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
CVE-2023-42531
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background...
PT-2023-28397 · Unknown · Smscontroller
Name of the Vulnerable Software and Affected Versions: SmsController versions prior to SMR Nov-2023 Release1 Description: The issue is related to improper access control in the SmsController, allowing local attackers to bypass restrictions on starting activities from the background...
CVE-2023-40116
In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-27274 · Google · Android
Name of the Vulnerable Software and Affected Versions: PipTaskOrganizer.java affected versions not specified Description: The issue is related to a logic error in the code of PipTaskOrganizer.java, specifically in the onTaskAppeared method. This error can be exploited to bypass background activit...
CVE-2023-21088
In deliverOnFlushComplete of LocationProviderManager.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
CVE-2023-21081
In multiple functions of PackageInstallerService.java and related files, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
CVE-2014-0127
The time-validation implementation in 1 mod/feedback/complete.php and 2 mod/feedback/completeguest.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to bypass intended restrictions on starting a Feedback activity by...