Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:35 p.m.6 views

CVE-2022-20394

In getInputMethodWindowVisibleHeight of InputMethodManagerService.java, there is a possible way to determine when another app is showing an IME due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

5CVSS5.3AI score0.00093EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.3 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android versions 10, 11, and 12, which stems from an eavesdropping/overwriting attack in onCreate of MasterClearConfirmFragment.java, which may restore factory settings and cause a...

5.5CVSS6.4AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-12638 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 10 through 12 Description: The issue concerns a tapjacking attack vulnerability in the In Car Settings app, specifically with the toggle button in Modify system settings. This allows attackers to overlay the toggle button,...

4.7CVSS5AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-14666 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: The issue is related to a tapjacking/overlay attack in the ReviewPermissionsActivity.java file. This could allow granting permissions for a separate app on devices with API level le...

7.3CVSS7AI score0.00096EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.5 views

PT-2022-14694 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: The issue is related to the setEnabledSetting function in PackageManager.java, which can cause the device to enter an infinite reboot loop due to resource exhaustion. This can lead ...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/12/06 12:0 a.m.2 views

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in UNISOC chipsets SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820, S8000, which originates from a lack of privilege checking in t...

7.8CVSS7.3AI score0.00109EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/06 12:0 a.m.5 views

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in UNISOC chipsets SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820, S8000, which originates from a lack of privilege checking in t...

7.8CVSS7.3AI score0.00091EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/06 12:0 a.m.3 views

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in UNISOC chipsets SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820, S8000, which originates from a lack of privilege checking in t...

7.8CVSS7.3AI score0.00109EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.2 views

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Unisoc Corporation. A security vulnerability exists in UNISOC chipset due to a lack of privilege checking in the gallery service, which could be exploited by an attacker to cause a local denial of service, and the following products and...

5.5CVSS5.8AI score0.00083EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.5 views

UNISOC chipset 缓冲区错误漏洞

UNISOC chipset is an integrated circuit chipset from China's Unisoc Corporation. A security vulnerability exists in the UNISOC chipset. The vulnerability stems from a lack of boundary checking in the sensor driver, which may result in out-of-bounds writes, and may be exploited by an attacker to...

5.5CVSS5.7AI score0.00084EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.5 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android 10, Android 11, and Android 12, which stems from a lack of boundary checking in the jpg driver, which may allow out-of-bounds writes...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.9 views

PT-2022-14587 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: The issue is related to a missing permission check in the setChecked method of SecureNfcPreferenceController.java. This could lead to local escalation of privilege from the guest us...

7.8CVSS7.4AI score0.00187EPSS
Exploits0References4
OSV
OSV
added 2022/06/15 2:15 p.m.5 views

CVE-2022-20147

In nfadmchecksetconfig of nfadmmain.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

7.8CVSS5.9AI score0.00113EPSS
Exploits0References1
OSV
OSV
added 2022/06/15 1:15 p.m.4 views

CVE-2022-20135

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12...

7.8CVSS5.9AI score0.00198EPSS
Exploits0References1
OSV
OSV
added 2022/05/10 8:15 p.m.6 views

CVE-2022-20005

In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS5.9AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.3 views

MediaTek多款产品安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in MediaTek, which can be exploited by attackers to cause an escalation of privileges. The following products and versions are affected: chips, MT6731, MT6732, MT6735, MT6737, MT6739,...

7.8CVSS7.3AI score0.00098EPSS
Exploits0References4
OSV
OSV
added 2022/03/16 3:15 p.m.4 views

CVE-2021-39667

In ih264dparsedecodeslice of ih264dparseslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

6.5CVSS7AI score0.00682EPSS
Exploits0References1
OSV
OSV
added 2022/02/11 6:15 p.m.5 views

CVE-2021-39631

In cleardatadlgtext of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...

5.5CVSS5.9AI score0.00111EPSS
Exploits0References1
Rows per page
Query Builder