17 matches found
CVE-2025-48646
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48646
In the connected PTSecurity documents, CVE-2025-48646 is listed among High-severity CVEs in upcoming patch previews (PT-2026-4689, PT-2026-4690, PT-2026-4685, PT-2026-4688, PT-2026-4686, PT-2026-4692, PT-2026-4684, PT-2026-4691, PT-2026-4683). The sources provide no technical specifics about the ...
CVE-2025-48646
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
Linux Distros Unpatched Vulnerability : CVE-2019-2173
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local...
CVE-2023-21343
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21343
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21343
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Privilege escalation
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21343
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21343
CVE-2023-21343 affects Android’s ActivityStarter where an unsafe PendingIntent can trigger a background activity launch, enabling local elevation of privilege without user interaction. Affected component: ActivityStarter (framework). Root cause: unsafe PendingIntent that can be exploited locally....
CVE-2023-21343
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-18119 · Unknown · Activitystarter
Name of the Vulnerable Software and Affected Versions: ActivityStarter affected versions not specified Description: The issue is related to an unsafe PendingIntent in ActivityStarter, which could lead to a background activity launch. This might result in local escalation of privilege without...
CVE-2023-21269
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Design/Logic Flaw
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21269
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-2173
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-2173
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...