CVE-2025-21030

Improper handling of insufficient permission in AppPrelaunchManagerService prior to SMR Sep-2025 Release 1 in Chinese Android 15 allows local attackers to execute arbitrary application in the background...

CVE-2025-21030

Improper handling of insufficient permission in AppPrelaunchManagerService prior to SMR Sep-2025 Release 1 in Chinese Android 15 allows local attackers to execute arbitrary application in the background...

CVE-2025-21025

CVE-2025-21025 affects MARsExemptionManager in Samsung Mobile devices. The issue is improper access control in MARsExemptionManager before SMR Sep-2025 Release 1, enabling a local attacker to be excluded from background execution management. Documented details indicate the vulnerability is local ...

CVE-2025-21025

Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Sep-2025 Release 1, which stems from improper access control and could...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Sep-2025 Release 1, which stems from improper handling of permissions...

PT-2025-35679

Name of the Vulnerable Software and Affected Versions: MARsExemptionManager versions prior to SMR Sep-2025 Release 1 Description: Improper access control in MARsExemptionManager allows local attackers to be excluded from background execution management. Recommendations: Update MARsExemptionManage...

CVE-2025-22437

In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22437

In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2025-22437

In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22437

In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22437

In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22437

CVE-2025-22437 is tied to a logic error in Android’s setMediaButtonReceiver across multiple files, enabling a background process to launch arbitrary activities and cause local privilege escalation without extra execution privileges or user interaction. The vulnerability is categorized as Elevatio...

CVE-2024-40653

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

PT-2025-35634

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: A logic error in the code within setMediaButtonReceiver of multiple files may allow launching arbitrary activities from the background. This could lead to loc...

PT-2025-35617

Name of the Vulnerable Software and Affected Versions: ConnectionServiceWrapper.java affected versions not specified Description: Multiple functions within ConnectionServiceWrapper.java contain a logic error that may allow for the indefinite retention of a permission in the background. Exploitati...

ASB-A-392614489

In executeAppFunction of AppSearchManagerService.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-388029380

In checkPermissions of SafeActivityOptions.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-401545800

In onNullBinding of RemoteFillService.java, there is a possible background activity launch due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...