CVE-2024-36064

The NLL com.nll.cb aka ACR Phone application through 0.330-playStore-NoAccessibility-arm8 for Android allows any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.nll.cb.dialer.dialer.DialerActivity component...

CVE-2023-42718

In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-42718

In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-42469

The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component...

CVE-2021-39790

In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid I...

Android OS Contacts app fails to restrict access permissions

Overview The Contacts app within the Android OS contains a vulnerability where it fails to restrict access permissions. The Contacts app within the Android OS receives requests for outgoing calls through Intents and calls the Dialer app. The Contacts app contains a vulnerability where it fails to...