92 matches found
Google Android elevation of privilege vulnerability (CNVD-2026-13146)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by proxy obfuscation in multiple functions of MediaProvider.java that could potentially bypass the external storage write permission. An...
CVE-2026-0024
In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48578
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2026-0035
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
EUVD-2026-9238
In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48579
In multiple functions of MediaProvider.java, there is a possible external storage write permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48579
CVE-2025-48579 involves a local elevation-of-privilege in Android’s MediaProvider.java where a proxy/Confused Deputy behavior could bypass the external storage write permission. The issue can allow a local attacker to gain elevated privileges without additional execution privileges or user intera...
EUVD-2025-208203
In multiple functions of MediaProvider.java, there is a possible external storage write permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48579
In multiple functions of MediaProvider.java, there is a possible external storage write permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2025-208202
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48578
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48578
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by proxy obfuscation in multiple functions of MediaProvider.java that could potentially bypass the external storage write permission. An...
ASB-A-418225717
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
ASB-A-418773439
In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-0376
In checkUriPermission and related functions of MediaProvider.java, there is a possible way to access external files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
EUVD-2020-1778
Malware in sbrugna...
EUVD-2022-51047
Malicious code in bioql PyPI...
EUVD-2021-2995
Malicious code in bioql PyPI...
EUVD-2022-51046
Malicious code in bioql PyPI...