13 matches found
EUVD-2025-26838
Malicious code in bioql PyPI...
CVE-2025-32326
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-32326
In multiple functions of AppRestrictionsFragment.java, there is a possible way to bypass intent security check due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-32326
CVE-2025-32326 describes a local elevation of privilege in Android via a confused deputy in AppRestrictionsFragment.java, enabling bypass of the intent security check. Impact is local with user interaction required; no additional execution privileges needed. Root cause: insecure bypass in multipl...
PT-2025-36038
Name of the Vulnerable Software and Affected Versions: AppRestrictionsFragment.java affected versions not specified Description: The software contains a potential confused deputy issue in multiple functions within the AppRestrictionsFragment.java file. This could allow for local privilege...
CVE-2024-40676
In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-42546
Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege...
Google Android elevation of privilege vulnerability (CNVD-2025-14977)
Google Android is a free and open source mobile operating system developed by Google Inc. based on the Linux kernel. Google Android suffers from an elevation of privilege vulnerability that stems from an obfuscated sub-sub-sub-sub-sub-sub-sub issue in the checkKeyIntent function of...
CVE-2024-40676
In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-40676
In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-40676
In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-40676
CVE-2024-40676 affects Google Android. The issue lies in checkKeyIntent of AccountManagerService.java, which can bypass the intent security check and allow installing an unknown app due to a confused deputy. This enables local elevation of privilege without requiring execution privileges or user ...
CVE-2024-40676
In checkKeyIntent of AccountManagerService.java, there is a possible way to bypass intent security check and install an unknown app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...