Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-25652

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00102EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/24 12:0 a.m.14 views

CVE-2023-20971

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

7.8AI score0.00105EPSS
Exploits0References2
OSV
OSV
added 2022/09/13 8:15 p.m.6 views

CVE-2022-20392

In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges...

7.8CVSS5.9AI score0.00102EPSS
Exploits0References1
Prion
Prion
added 2022/09/13 8:15 p.m.21 views

Input validation

In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges...

4.3CVSS7.6AI score0.00102EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/13 12:0 a.m.4 views

PT-2022-14618 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12L Description: The issue is related to improper input validation in the declareDuplicatePermission function of ParsedPermissionUtils.java. This could allow an attacker to obtain a dangerous...

7.8CVSS7.4AI score0.00102EPSS
Exploits0References2
OSV
OSV
added 2022/09/01 12:0 a.m.23 views

ASB-A-213323615

In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges...

7.8CVSS7.8AI score0.00102EPSS
Exploits0References3
NVD
NVD
added 2021/01/11 10:15 p.m.21 views

CVE-2021-0307

In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege allowing a malicious app to silently gain access to a dangerous permission with no additional...

7.8CVSS7.8AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2021/01/11 10:15 p.m.3 views

CVE-2021-0307

In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege allowing a malicious app to silently gain access to a dangerous permission with no additional...

7.8CVSS6.7AI score0.00167EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/01/11 12:0 a.m.7 views

PT-2021-12991 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-11 Description: The issue is related to a confused deputy in the updatePermissionSourcePackage function of PermissionManagerService.java, which could lead to a local escalation of privilege. This...

7.8CVSS7.7AI score0.00167EPSS
Exploits0References3
hackapp
hackapp
added 2017/04/19 7:25 p.m.12 views

FUN BY EARN - Customized SSL, Dangerous filesystem permissions, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application FUN BY EARN published at the 'play' market has multiple vulnerabilities...

0.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:18 a.m.14 views

Dizzy Run - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Dizzy Run published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder