62 matches found
CVE-2022-20276
CVE-2022-20276 concerns the Android 13 framework where the DevicePolicyManager exposes a side-channel that can reveal whether an app is installed without query permissions. The vulnerability is described as a local information-disclosure issue that does not require user interaction. The affected ...
CVE-2022-20275
CVE-2022-20275 affects Android 13 devices due to a side-channel disclosure in the DevicePolicyManager that can reveal whether an app is installed without query permissions. The root cause is a information-disclosure path that enables local access to installation state without user interaction or ...
CVE-2022-20275
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
PT-2022-14503 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information...
PT-2022-14501 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue allows an attacker to determine whether an app is installed without requiring query permissions, due to side channel information disclosure in DevicePolicyManager. This could lead to local...
CVE-2022-20138
CVE-2022-20138 concerns a missing permission check in the Android framework, specifically in ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java. The issue allows an unprivileged app to send the MANAGED_PROFILE_PROVISIONED intent, potentially enabling local elevation of privileg...
Google Android Information Disclosure Vulnerability (CNVD-2022-26768)
Google Android is a Linux-based open-source operating system from the U.S. Google Android has a security vulnerability that stems from the leakage of side channel information in DevicePolicyManager, which can be exploited by attackers to obtain sensitive information...
Google Android Information Disclosure Vulnerability (CNVD-2022-44593)
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that originates from the disclosure of side channel information in DevicePolicyManager. An attacker could use this vulnerability to obtain sensiti...
CVE-2021-39745
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-39755
In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...
CVE-2021-39744
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Information disclosure
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Information disclosure
In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...
Information disclosure
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-39755
CVE-2021-39755 is a framework issue in Android 12L related to DevicePolicyManager that allows local information disclosure: an attacker could reveal the existence of an installed package without proper query permissions, with no user interaction. The Android 12L security release notes attribute t...
CVE-2021-39755
In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...
CVE-2021-39745
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-39745
CVE-2021-39745 affects Android 12L and is described in multiple feeds as a side-channel information disclosure in DevicePolicyManager that could let an attacker determine whether an app is installed without query permissions. The vulnerability enables local information disclosure with no addition...
CVE-2021-39744
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-39744
CVE-2021-39744 affects Android 12L and is described in Android 12L security release notes. The vulnerability arises in the DevicePolicyManager, enabling a side-channel that can determine whether an app is installed without query permissions, leading to local information disclosure without additio...