Lucene search
K

22 matches found

Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.9 views

PT-2026-35867

Name of the Vulnerable Software and Affected Versions PackageManagerService versions prior to SMR Mar-2026 Release 1 Description Insufficient verification of data authenticity in the PackageManagerService allows local attackers to modify the installation restriction of specific applications...

6.9CVSS5.8AI score0.00104EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26838

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00082EPSS
Exploits0References2
CNVD
CNVD
added 2025/09/08 12:0 a.m.4 views

Google Android elevation of privilege vulnerability (CNVD-2025-23025)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent security checks due to proxy obfuscation in multiple functions in AppRestrictions Fragment.java. An attacker can...

7.8CVSS7.4AI score0.00082EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/08 12:0 a.m.4 views

Google Android elevation of privilege vulnerability (CNVD-2025-24496)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an unsafe deserialization flaw in the assertSafeToStartCustomActivity function in AppRestrictions Fragment.java. An attacker can exploit the...

7.8CVSS7.4AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/06 7:31 p.m.7 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS6.9AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/09/04 7:15 p.m.5 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2025/09/04 7:15 p.m.6 views

CVE-2025-32326

In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS0.00082EPSS
Exploits0References2
OSV
OSV
added 2025/09/04 7:15 p.m.2 views

CVE-2025-32326

In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS5.9AI score0.00082EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/04 6:34 p.m.4 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

6.3AI score0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/04 6:34 p.m.8 views

CVE-2025-48535

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

0.00164EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/04 6:33 p.m.2 views

CVE-2025-32326

In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

6.3AI score0.00082EPSS
Exploits0References2
CVE
CVE
added 2025/09/04 6:33 p.m.33 views

CVE-2025-32326

CVE-2025-32326 describes a local elevation of privilege in Android via a confused deputy in AppRestrictionsFragment.java, enabling bypass of the intent security check. Impact is local with user interaction required; no additional execution privileges needed. Root cause: insecure bypass in multipl...

7.8CVSS6.4AI score0.00082EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/09/04 6:33 p.m.6 views

CVE-2025-32326

In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

0.00082EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.5 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a way to bypass intent security checks due to proxy obfuscation in multiple functions in AppRestrictions Fragment.java. An attacker can...

7.8CVSS7.3AI score0.00082EPSS
Exploits0References2
OSV
OSV
added 2025/09/01 12:0 a.m.11 views

ASB-A-365739560

In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7AI score0.00082EPSS
Exploits0References2
OSV
OSV
added 2024/11/13 6:15 p.m.5 views

CVE-2024-43080

In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS5.9AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2024/09/01 12:0 a.m.20 views

ASB-A-341886134

In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00079EPSS
Exploits0References2
OSV
OSV
added 2022/07/13 7:15 p.m.1 views

CVE-2022-20223

In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.4 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. A security vulnerability exists in Google Android, which is caused by an obfuscation proxy in AppRestrictionsFragment.java. The vulnerability is caused by an obfuscated proxy in assertSafeToStartCustomActivity. An...

7.8CVSS5.7AI score0.00167EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2016/08/29 11:43 p.m.22 views

Chainfire's SuHide — Now You Can Hide Your Android Root Status On Per-App Basis

Famous Android developer Chainfire released an experimental hack with a new app, called "Suhide," that allows users to hide the root status of their rooted Android devices on an app-by-app basis. Rooting your Android device can bring a lot of benefits by giving you access to a wide variety of app...

6.7AI score
Exploits0
Rows per page
Query Builder