15 matches found
EUVD-2022-25576
Malicious code in bioql PyPI...
CVE-2022-20316
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Android Content Providers 101
Introduction Android has a number of different types of components that a program or app can instantiate to interact with the user or other programs. Recently Ive been looking at exported as an interesting way to manipulate information that other apps have stored. A content provider is what it...
CVE-2022-20316
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20316
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20316
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Information disclosure
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android 13, which stems from a possible method to determine if an application is installed without querying permissions due to side channel information leakage ...
CVE-2022-20316
This CVE-2022-20316 affects Android 13 ContentResolver. The vulnerability involves a side-channel information disclosure that can reveal whether an app is installed without query permissions, enabling local information disclosure with no additional execution privileges required. The issue is docu...
CVE-2022-20316
In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
PT-2022-14541 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information...
ASB-A-156260178
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation...
Google Android MediaProvider Privilege Control Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A privilege control vulnerability exists in Android-11 version MediaProvider. The vulnerability stems from a privilege bypass, which can be exploited by an attacker to access ContentResolver and...
CVE-2020-0275
In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0275
In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not needed for...