Lucene search
K

7 matches found

CNVD
CNVD
added 2026/03/09 12:0 a.m.5 views

Google Android elevation of privilege vulnerability (CNVD-2026-13146)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by proxy obfuscation in multiple functions of MediaProvider.java that could potentially bypass the external storage write permission. An...

8.4CVSS5.8AI score0.00101EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 7:16 p.m.5 views

CVE-2025-48582

In multiple locations, there is a possible way to delete media without the MANAGEEXTERNALSTORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS5.9AI score0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-6884

Malware in sbrugna...

4.7CVSS4.9AI score0.00296EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/09/04 6:34 p.m.5 views

CVE-2025-48532

In markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.3CVSS5.9AI score0.00078EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/05/11 12:0 a.m.4 views

OPPO Find x has an information leakage vulnerability

OPPO Find x is a smartphone launched by OPPO Guangdong Mobile Communication Co. OPPO Find x suffers from an information leakage vulnerability. An attacker can utilize a malicious APP to listen to the user's call content through this exposed component by simply applying for the commonly used...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/02/01 12:0 a.m.9 views

PT-2021-9033 · Tk Star · Setracker2

Name of the Vulnerable Software and Affected Versions: SeTracker2 for TK-Star Q90 Junior GPS horloge version 3.1042.9.8656 Description: An issue was discovered in the software, where it has unnecessary permissions such as READ EXTERNAL STORAGE, WRITE EXTERNAL STORAGE, and READ CONTACTS...

9.8CVSS7.2AI score0.02295EPSS
Exploits0References6
OSV
OSV
added 2020/03/18 7:15 p.m.2 views

CVE-2019-12369

The TypeApp application through 1.9.5.35 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READEXTERNALSTORAGE permission...

6.1CVSS6.5AI score0.00968EPSS
Exploits1References3
Rows per page
Query Builder