14 matches found
CVE-2026-0005
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...
CVE-2026-0005
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...
EUVD-2026-9224
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...
CVE-2026-0005
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...
ASB-A-366405211
In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and...
CVE-2021-0472
In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Linux Distros Unpatched Vulnerability : CVE-2016-3838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Android 6.x before 2016-08-01 allows attackers to cause a denial of service loss of locked-screen 911 functionality via a crafted application that uses the...
CVE-2025-32331
CVE-2025-32331 involves a logic error in showDismissibleKeyguard within KeyguardService.java that could allow bypassing app pinning, enabling local escalation of privilege without user interaction. The connected sources consistently describe a local-privilege-elevation scenario tied to KeyguardSe...
CVE-2021-0472
CVE-2021-0472 concerns a local elevation-of-privilege in Android 9–11 due to a permissions bypass in shouldLockKeyguard (LockTaskController.java) that could allow exiting App Pinning without a PIN and without user interaction. The issue is limited to the Framework component and is described as en...
ASB-A-176801033
In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with N7.x software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 February 2018...
CVE-2018-21082
Affected product: Samsung mobile devices running N(7.x) with Dex Station. Issue: Dex Station enables App Pinning bypass and lock-screen bypass via the To unpin screen lock option. Root cause: bypass of app pinning/lock screen through the “Use screen lock type to unpin” flow. Impact: allows bypass...
CVE-2016-3838
Android 6.x before 2016-08-01 allows attackers to cause a denial of service loss of locked-screen 911 functionality via a crafted application that uses the app-pinning feature, aka internal bug 28761672...
UBUNTU-CVE-2016-3838
Android 6.x before 2016-08-01 allows attackers to cause a denial of service loss of locked-screen 911 functionality via a crafted application that uses the app-pinning feature, aka internal bug 28761672...