Lucene search
K

9 matches found

Cvelist
Cvelist
added 2023/10/27 8:22 p.m.33 views

CVE-2023-40123

In updateActionViews of PipMenuView.java, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00089EPSS
Exploits0References2
OSV
OSV
added 2023/07/01 12:0 a.m.32 views

ASB-A-243794108

In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS9.2AI score0.00772EPSS
Exploits0References4
Prion
Prion
added 2023/04/19 8:15 p.m.14 views

Information disclosure

In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...

1.7CVSS5AI score0.00082EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/03/16 3:15 p.m.32 views

CVE-2021-39703

In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/11 5:40 p.m.27 views

CVE-2021-39668

In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for...

7.9AI score0.00132EPSS
Exploits0References1
Prion
Prion
added 2021/10/22 2:15 p.m.16 views

Design/Logic Flaw

In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.2CVSS7.3AI score0.00145EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/06/22 12:15 p.m.19 views

Privilege escalation

In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.6CVSS7.7AI score0.00117EPSS
Exploits0References1
CVE
CVE
added 2021/03/10 4:10 p.m.53 views

CVE-2021-0383

CVE-2021-0383 affects CaptivePortalLoginActivity.java on Android 11. Root cause: a confused deputy could lead to local escalation of privilege in carrier settings without additional execution privileges; no user interaction required. Impact: partial confidentiality/integrity/availability (HIGH fo...

7.8CVSS7.6AI score0.00124EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/09/05 10:15 p.m.13 views

Information disclosure

In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure...

2.1CVSS5.1AI score0.00139EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder