Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

Cvelist
Cvelistadded 5 days ago27 views

CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00005EPSS
Exploits0References1
CVE
CVEadded 5 days ago7 views

CVE-2026-0088

The CVE-2026-0088 affects Android’s CertInstaller.getCallingAppLabel, where a misleading or insufficient UI could allow hiding a sensitive security dialogue. This enables local privilege escalation with no extra privileges and no user interaction required for exploitation, as described across NVD...

7.8CVSS5.9AI score0.00005EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 5 days ago5 views

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getCallingAppLabel function in CertInstaller.java, which may lead to t...

7.8CVSS5.8AI score0.00005EPSS
Exploits0References1
NVD
NVDadded 2025/12/08 5:16 p.m.2 views

CVE-2025-48575

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00004EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/12/08 4:57 p.m.1 views

CVE-2025-48575

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score0.00004EPSS
Exploits0References2
OSV
OSVadded 2025/12/01 12:0 a.m.5 views

ASB-A-417463103

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.8AI score0.00004EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-12258

Malware in sbrugna...

6.8CVSS6.4AI score0.00015EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2021-3155

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00012EPSS
Exploits0References1
NVD
NVDadded 2021/06/22 12:15 p.m.11 views

CVE-2021-0536

In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS0.00012EPSS
Exploits0References1
Prion
Prionadded 2021/06/22 12:15 p.m.10 views

Privilege escalation

In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

4.6CVSS7.7AI score0.00012EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/06/22 11:1 a.m.12 views

CVE-2021-0536

In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.9AI score0.00012EPSS
Exploits0References1
NVD
NVDadded 2021/04/09 6:15 p.m.12 views

CVE-2021-25362

An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files...

6.8CVSS0.00015EPSS
Exploits0References2
Prion
Prionadded 2021/04/09 6:15 p.m.19 views

Input validation

An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files...

3.6CVSS6.1AI score0.00015EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2021/04/09 5:36 p.m.60 views

CVE-2021-25362

CVE-2021-25362 affects Samsung CertInstaller prior to SMR APR-2021 Release 1. Root cause: improper permission management that lets untrusted apps delete certain local files. Impact varies by metric/version (CVSS3.1: LOCAL, LOW integrity, HIGH availability; CVSS2: LOCAL, PARTIAL integrity, PARTIAL...

6.8CVSS6.1AI score0.00015EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2021/04/09 5:36 p.m.13 views

CVE-2021-25362

An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files...

6.8CVSS6.7AI score0.00015EPSS
Exploits0References2
CVE
CVEadded 2020/12/14 9:52 p.m.101 views

CVE-2020-0460

CVE-2020-0460 affects Android 11, in CertInstaller.java (createNameCredentialDialog). Root cause: a logic error that can improperly install certificates, leading to remote information disclosure with no privileges and no user interaction required. Public details come from Android 2020-12-01/12-05...

7.5CVSS7AI score0.00172EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2020/02/13 3:15 p.m.14 views

CVE-2020-0015

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

7.8CVSS7.8AI score0.00028EPSS
Exploits0References1
Prion
Prionadded 2020/02/13 3:15 p.m.13 views

Buffer overflow

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

4.4CVSS8.1AI score0.00028EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2020/02/13 2:20 p.m.47 views

CVE-2020-0015

CVE-2020-0015 affects the Android framework via CertInstaller.java (onCreate), where an attacker could overlay the Certificate Installation dialog to escalate privileges locally without extra execution privileges. Impact is described as local EoP with partial confidentiality/integrity/availabilit...

7.8CVSS7.7AI score0.00028EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPostadded 2015/06/29 1:31 p.m.20 views

Amazon Patches Certificate Vulnerabilities in Fire Phones

Amazon last week patched three vulnerabilities in its Fire smartphones, including two in its Certinstaller package that put devices at risk. An attacker could take advantage of the vulnerability in the package, which allows mobile apps to install certificates on Amazon Fire devices without user...

1AI score
Exploits0References4
Rows per page
Query Builder