18 matches found
EUVD-2023-25518
Malicious code in bioql PyPI...
CVE-2025-32322
In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a malicious app a token enabling unauthorized screen recording capabilities due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2025-32322
In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a malicious app a token enabling unauthorized screen recording capabilities due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2025-32322
In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a malicious app a token enabling unauthorized screen recording capabilities due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2025-32322
CVE-2025-32322 concerns a vulnerability in the Wear OS/Android platform involving onCreate in a media projection flow (MediaProjectionPermissionActivity.java). The issue arises from improper input validation that could allow a malicious app to obtain a token enabling unauthorized screen recording...
PT-2025-36091
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A flaw exists in MediaProjectionPermissionActivity.java that may allow a malicious application to obtain a token enabling unauthorized screen recording. This could lead to local escalation ...
CVE-2023-21350
In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
ASB-A-372670004
In onCreate of MediaProjectionPermissionActivity.java, there is a possible way to bypass user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21350
In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21350
In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Information disclosure
In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21350
In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21350
CVE-2023-21350 affects Android's Media Projection component. An attacker can infer whether a target app is installed via a side-channel disclosure, without query permissions, enabling local information leakage with no user interaction. Impact is limited to confidentiality (high) per sources; atta...
PT-2023-18126 · Google · Media Projection
Name of the Vulnerable Software and Affected Versions: Media Projection affected versions not specified Description: In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to loc...
The vulnerability of the Android operating system allows a hacker to bypass the user’s warning when a screenshot is taken and gain access to the protected information.
The vulnerability of the Media Projection component in the Android operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to bypass user notifications about screen capture and gain access to protected information...
Android Information Leakage Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Media Projection is a media projection component. A security vulnerability exists in the Media Projection component of Android. The vulnerability can be exploited by an...
CVE-2015-3878
Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to bypass an intended screen-recording warning feature and obtain sensitive screen-snapshot information via a crafted application that references a long application name, aka internal bug 23345192...
CVE-2015-3878
The CVE-2015-3878 issue affects the Media Projection component in Android 5.x (before 5.1.1 LMY48T) and Android 6.0 (before the 2015-10-01 patch). A vulnerability arises when an application uses an excessively long name, which can bypass the screen-recording warning and allow a local attacker to ...