22 matches found
PT-2026-35867
Name of the Vulnerable Software and Affected Versions PackageManagerService versions prior to SMR Mar-2026 Release 1 Description Insufficient verification of data authenticity in the PackageManagerService allows local attackers to modify the installation restriction of specific applications...
EUVD-2025-26838
Malicious code in bioql PyPI...
Google Android elevation of privilege vulnerability (CNVD-2025-23025)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent security checks due to proxy obfuscation in multiple functions in AppRestrictions Fragment.java. An attacker can...
Google Android elevation of privilege vulnerability (CNVD-2025-24496)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an unsafe deserialization flaw in the assertSafeToStartCustomActivity function in AppRestrictions Fragment.java. An attacker can exploit the...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-32326
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-32326
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-48535
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2025-32326
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-32326
CVE-2025-32326 describes a local elevation of privilege in Android via a confused deputy in AppRestrictionsFragment.java, enabling bypass of the intent security check. Impact is local with user interaction required; no additional execution privileges needed. Root cause: insecure bypass in multipl...
CVE-2025-32326
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent security checks due to proxy obfuscation in multiple functions in AppRestrictions Fragment.java. An attacker can...
ASB-A-365739560
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2024-43080
In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
ASB-A-341886134
In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20223
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. A security vulnerability exists in Google Android, which is caused by an obfuscation proxy in AppRestrictionsFragment.java. The vulnerability is caused by an obfuscated proxy in assertSafeToStartCustomActivity. An...
Chainfire's SuHide — Now You Can Hide Your Android Root Status On Per-App Basis
Famous Android developer Chainfire released an experimental hack with a new app, called "Suhide," that allows users to hide the root status of their rooted Android devices on an app-by-app basis. Rooting your Android device can bring a lot of benefits by giving you access to a wide variety of app...