Lucene search
K

62 matches found

CVE
CVE
added 2022/08/11 3:15 p.m.71 views

CVE-2022-20276

CVE-2022-20276 concerns the Android 13 framework where the DevicePolicyManager exposes a side-channel that can reveal whether an app is installed without query permissions. The vulnerability is described as a local information-disclosure issue that does not require user interaction. The affected ...

5.5CVSS5.4AI score0.00095EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/08/11 3:15 p.m.62 views

CVE-2022-20275

CVE-2022-20275 affects Android 13 devices due to a side-channel disclosure in the DevicePolicyManager that can reveal whether an app is installed without query permissions. The root cause is a information-disclosure path that enables local access to installation state without user interaction or ...

5.5CVSS5.4AI score0.00095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/11 3:15 p.m.24 views

CVE-2022-20275

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.7AI score0.00095EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/11 12:0 a.m.2 views

PT-2022-14503 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information...

5.5CVSS5AI score0.00095EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/11 12:0 a.m.5 views

PT-2022-14501 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue allows an attacker to determine whether an app is installed without requiring query permissions, due to side channel information disclosure in DevicePolicyManager. This could lead to local...

5.5CVSS5.2AI score0.00095EPSS
Exploits0References2
CVE
CVE
added 2022/06/15 1:2 p.m.164 views

CVE-2022-20138

CVE-2022-20138 concerns a missing permission check in the Android framework, specifically in ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java. The issue allows an unprivileged app to send the MANAGED_PROFILE_PROVISIONED intent, potentially enabling local elevation of privileg...

7.8CVSS7.6AI score0.00209EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/04/06 12:0 a.m.11 views

Google Android Information Disclosure Vulnerability (CNVD-2022-26768)

Google Android is a Linux-based open-source operating system from the U.S. Google Android has a security vulnerability that stems from the leakage of side channel information in DevicePolicyManager, which can be exploited by attackers to obtain sensitive information...

5.5CVSS2.8AI score0.00104EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.11 views

Google Android Information Disclosure Vulnerability (CNVD-2022-44593)

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that originates from the disclosure of side channel information in DevicePolicyManager. An attacker could use this vulnerability to obtain sensiti...

5.5CVSS1.9AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 4:15 p.m.23 views

CVE-2021-39745

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS0.00104EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 4:15 p.m.22 views

CVE-2021-39755

In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...

5.5CVSS0.00104EPSS
Exploits0References1
NVD
NVD
added 2022/03/30 4:15 p.m.23 views

CVE-2021-39744

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS0.00104EPSS
Exploits0References1
Prion
Prion
added 2022/03/30 4:15 p.m.16 views

Information disclosure

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

2.1CVSS5.3AI score0.00104EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/30 4:15 p.m.18 views

Information disclosure

In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...

2.1CVSS5.4AI score0.00104EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/30 4:15 p.m.15 views

Information disclosure

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

2.1CVSS5.3AI score0.00104EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/30 4:2 p.m.85 views

CVE-2021-39755

CVE-2021-39755 is a framework issue in Android 12L related to DevicePolicyManager that allows local information disclosure: an attacker could reveal the existence of an installed package without proper query permissions, with no user interaction. The Android 12L security release notes attribute t...

5.5CVSS5.4AI score0.00104EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.22 views

CVE-2021-39755

In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...

5.8AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.22 views

CVE-2021-39745

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.7AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2022/03/30 4:2 p.m.87 views

CVE-2021-39745

CVE-2021-39745 affects Android 12L and is described in multiple feeds as a side-channel information disclosure in DevicePolicyManager that could let an attacker determine whether an app is installed without query permissions. The vulnerability enables local information disclosure with no addition...

5.5CVSS5.4AI score0.00104EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.20 views

CVE-2021-39744

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.7AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2022/03/30 4:2 p.m.75 views

CVE-2021-39744

CVE-2021-39744 affects Android 12L and is described in Android 12L security release notes. The vulnerability arises in the DevicePolicyManager, enabling a side-channel that can determine whether an app is installed without query permissions, leading to local information disclosure without additio...

5.5CVSS5.4AI score0.00104EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder