CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2022/02/11 6:15 p.m.•2 views

CVE-2022-24000

PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent...

3.3CVSS5.8AI score0.00016EPSS

NVD•added 2022/02/11 6:15 p.m.•7 views

CVE-2022-23427

PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...

7.1CVSS0.00017EPSS

ATTACKERKB•added 2022/02/11 6:15 p.m.•3 views

CVE-2022-23427

PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...

7.1CVSS7AI score0.00017EPSS

Prion•added 2022/02/11 6:15 p.m.•15 views

Spoofing

2.1CVSS4AI score0.00016EPSS

Prion•added 2022/02/11 6:15 p.m.•13 views

Spoofing

PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...

3.6CVSS6.7AI score0.00017EPSS

Prion•added 2022/02/11 6:15 p.m.•9 views

Spoofing

2.1CVSS4AI score0.00016EPSS

Cvelist•added 2022/02/11 5:40 p.m.•13 views

CVE-2022-23999

3.9CVSS4.5AI score0.00016EPSS

CVE•added 2022/02/11 5:40 p.m.•69 views

CVE-2022-24000

CVE-2022-24000 is confirmed by multiple sources to be a local, Privilege-Granted vulnerability in Android components (DataUsageReminderReceiver and KnoxPrivacyNoticeReceiver) where an attacker can hijack a PendingIntent via an implicit Intent to access media files without permission. The issue is...

3.9CVSS3.9AI score0.00016EPSS

Cvelist•added 2022/02/11 5:40 p.m.•17 views

CVE-2022-24000

3.9CVSS4.5AI score0.00016EPSS

CVE•added 2022/02/11 5:40 p.m.•76 views

CVE-2022-23999

CVE-2022-23999 describes a PendingIntent hijacking vulnerability in Android’s CpaReceiver prior to Samsung SMR Feb-2022 Release 1, enabling local attackers to access media files via KnoxPrivacyNoticeReceiver through an implicit Intent. Affected component is the CpaReceiver/KnoxPrivacyNoticeReceiv...

3.9CVSS3.9AI score0.00016EPSS

CVE•added 2022/02/11 5:40 p.m.•169 views

CVE-2022-23427

CVE-2022-23427 concerns a PendingIntent hijacking flaw in Samsung’s KnoxPrivacyNoticeReceiver. The vulnerability allows a local attacker to access media files via an implicit Intent prior to the SMR Feb-2022 Release 1. The descriptions across NVD, Red Hat, CNVD, CVE list, and related advisories a...

7.1CVSS6.6AI score0.00017EPSS

Cvelist•added 2022/02/11 5:40 p.m.•15 views

CVE-2022-23427

PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...

3.9CVSS6.9AI score0.00017EPSS

CNNVD•added 2022/02/11 12:0 a.m.•2 views

Google Android 输入验证错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An unspecified vulnerability exists in Google Android, which can be exploited by local attackers to access media files in the knoxprivacynotifyreceiver via an implicit Intent...

3.9CVSS5.8AI score0.00016EPSS

CNNVD•added 2022/02/11 12:0 a.m.•1 views

Google Android 输入验证错误漏洞

Google Android is a Linux-based open source operating system from Google. An input validation error vulnerability exists in Google Android, which can be exploited by a local attacker to gain unauthorized access to media files in KnoxPrivacyNoticeReceiver via an implicit intent...

3.9CVSS5.7AI score0.00016EPSS

CNVD•added 2022/01/21 12:0 a.m.•5 views

Samsung Dialer Information Disclosure Vulnerability (CNVD-2025-02600)

Samsung Dialer is a dialing feature for Samsung Samsung mobile devices. Samsung Dialer suffers from an information disclosure vulnerability that stems from an implicit intent hijacking in Dialer, which can be exploited by an attacker to access contact information...

4.4CVSS6.4AI score0.00079EPSS

CNVD•added 2022/01/21 12:0 a.m.•7 views

Samsung ActivityMetricsLogger Unauthorized Access Vulnerability

Samsung ActivityMetricsLogger is a progress measurement logger for Samsung mobile devices. An unauthorized access vulnerability exists in Samsung ActivityMetricsLogger that stems from an implicit intent hijacking scenario in ActivityMetricsLogger, which can be exploited by an attacker to obtain...

4CVSS6.4AI score0.00018EPSS

VulnCheck KEV•added 2022/01/12 12:0 a.m.•1 views

VulnCheck KEV: CVE-2014-0130

Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request...

7.5CVSS7.3AI score0.5271EPSS

Exploits2References1

ATTACKERKB•added 2022/01/10 2:12 p.m.•3 views

CVE-2022-22270

An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information...

4.4CVSS5.8AI score0.00079EPSS

OSV•added 2022/01/10 2:12 p.m.•3 views

CVE-2022-22270

An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information...

3.3CVSS5.8AI score