14 matches found
CVE-2024-34604
Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background...
CVE-2024-34605
Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background...
EUVD-2022-37687
Malicious code in bioql PyPI...
EUVD-2024-34936
Malicious code in bioql PyPI...
CVE-2024-34637
Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background...
CVE-2024-34606
Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background...
CVE-2022-34738
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...
CVE-2024-34637
Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background...
CVE-2024-34606
Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background...
CVE-2024-34608
The CVE-2024-34608 issue is an improper access control in PaymentManagerService prior to the SMR Aug-2024 Release 1, enabling local attackers to bypass restrictions on starting background services. Publicly noted in multiple sources, the vulnerability affects PaymentManagerService versions earlie...
PT-2024-26021 · Unknown · Smartthingsservice
Name of the Vulnerable Software and Affected Versions: SmartThingsService versions prior to SMR Aug-2024 Release 1 Description: The issue is related to improper access control in SmartThingsService, allowing local attackers to bypass restrictions on starting services from the background...
CVE-2023-21099
In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-34738
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...
HUAWEI HarmonyOS 安全漏洞
HUAWEI HarmonyOS is an operating system from China's Huawei HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from improper privilege management in the SystemUI module, which could be exploited by an attacker to cause device services to run in the...