8 matches found
CVE-2024-40653
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2024-40653
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
ASB-A-293458004
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
Google Android Information Disclosure Vulnerability (CNVD-2024-45226)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by an obfuscated agent in handleCreateConferenceComplete of ConnectionServiceWrapper.java. An attacker can exploit the vulnerability to obtain...
Google Android Information Disclosure Vulnerability (CNVD-2024-49505)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by an obfuscated agent in handleCreateConferenceComplete of ConnectionServiceWrapper.java. An attacker can exploit this vulnerability to obtain...
CVE-2024-40656
In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2024-40656
In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2024-40656
In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a potential information disclosure across users due to a confused deputy. This could cause local information disclosure without requiring additional execution privileges, and exploitation requires user interaction. The v...