CVE-2026-0094

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

CVE-2026-0094

Technical details for CVE-2026-0094 are not publicly available in the provided documents; monitor for updates.

ASB-A-471173239

In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getApplicationLabel function in KeyChainActivity.java, which may lead...

PT-2026-45598

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description In the getApplicationLabel function of KeyChainActivity.java, misleading or insufficient user interface elements may allow a user to be tricked into approving...

CVE-2023-48417

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application...

CVE-2023-48417

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application...

CVE-2023-48417

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application...

CVE-2023-48417

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application...

CVE-2023-48417

CVE-2023-48417 affects KeyChainActivity in Chromecast devices (KeyChain component) and stems from missing permission checks, enabling unauthorized access and manipulation of KeyChain operations. The issue can allow an attacker to escalate privileges and manipulate KeyChain via a malicious Intent ...

PT-2023-30838 · Unknown · Keychainactivity Application

Name of the Vulnerable Software and Affected Versions: KeyChainActivity Application affected versions not specified Description: The issue is related to missing permission checks, resulting in unauthorized access and manipulation in the KeyChainActivity Application. This allows an attacker to...

ASB-A-221859869

In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-47669)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which originates in onCreate of KeyChainActivity.java. The application certificate stored in the keychain can be exploited by an attacker, who can use t...

CVE-2021-0963

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

Design/Logic Flaw

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2021-0963

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2021-0963

CVE-2021-0963 involves a tapjacking/overlay vulnerability in KeyChainActivity.java that could allow an app certificate stored in the Android keychain to be misused, resulting in local elevation of privilege. Public details in the provided documents confirm the issue affects Android versions 9–12 ...

ASB-A-199754277

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...