Lucene search
K

12 matches found

NVD
NVD
added 2024/09/11 12:15 a.m.33 views

CVE-2024-40650

In wifiitemeditcontent of styles.xml , there is a possible FRP bypass due to Missing check for FRP state. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.0008EPSS
Exploits0References2
NVD
NVD
added 2023/12/04 11:15 p.m.66 views

CVE-2023-21164

In DevmemIntMapPMR of devicememserver.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS0.00414EPSS
Exploits0References1
OSV
OSV
added 2023/07/01 12:0 a.m.22 views

ASB-A-217981062

In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.7AI score0.00083EPSS
Exploits0References2
NVD
NVD
added 2023/03/24 8:15 p.m.25 views

CVE-2023-20947

In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.7AI score0.00098EPSS
Exploits0References1
Prion
Prion
added 2023/03/24 8:15 p.m.15 views

Memory corruption

In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

4.3CVSS7.7AI score0.00095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/13 6:22 p.m.21 views

CVE-2022-20220

In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid...

8AI score0.00169EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/15 1:22 p.m.23 views

CVE-2022-20192

In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.9AI score0.00112EPSS
Exploits0References1
Prion
Prion
added 2022/04/12 5:15 p.m.10 views

Input validation

In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.2CVSS7.7AI score0.00115EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/03/16 3:15 p.m.22 views

CVE-2021-39703

In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS0.00118EPSS
Exploits0References1
OSV
OSV
added 2021/08/01 12:0 a.m.27 views

ASB-A-179386068

In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.00118EPSS
Exploits0References3
Prion
Prion
added 2021/06/22 12:15 p.m.18 views

Privilege escalation

In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.6CVSS7.7AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2021/01/11 10:15 p.m.28 views

CVE-2021-0306

In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITYRECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no...

7.8CVSS7.9AI score0.00259EPSS
Exploits0References1
Rows per page
Query Builder