5 matches found
EUVD-2022-25546
Malicious code in bioql PyPI...
CVE-2023-40106
In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21342
CVE-2023-21342 is an Android framework issue in RemoteSpeechRecognitionService that enables launching an activity from the background due to a logic error. This causes local elevation of privilege with no additional privileges or user interaction required. The CVSS vector (LOCAL, LOW attack compl...
CVE-2023-40116
In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
UBUNTU-CVE-2022-20470
In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...