7 matches found
Google Android elevation of privilege vulnerability (CNVD-2026-13146)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by proxy obfuscation in multiple functions of MediaProvider.java that could potentially bypass the external storage write permission. An...
CVE-2025-48582
In multiple locations, there is a possible way to delete media without the MANAGEEXTERNALSTORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2018-6884
Malware in sbrugna...
CVE-2025-48532
In markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
OPPO Find x has an information leakage vulnerability
OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communication Co. OPPO Find x suffers from an information leakage vulnerability. An attacker can utilize a malicious APP to listen to the user's call content through this exposed component by simply applying for the commonly used...
PT-2021-9033 · Tk Star · Setracker2
Name of the Vulnerable Software and Affected Versions: SeTracker2 for TK-Star Q90 Junior GPS horloge version 3.1042.9.8656 Description: An issue was discovered in the software, where it has unnecessary permissions such as READ EXTERNAL STORAGE, WRITE EXTERNAL STORAGE, and READ CONTACTS...
CVE-2019-12369
The TypeApp application through 1.9.5.35 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READEXTERNALSTORAGE permission...