7 matches found
CVE-2022-20518
In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770203...
Sql injection
In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Sql injection
In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770203...
CVE-2022-20518
The CVE-2022-20518 entry concerns a SQL injection in the MmsSmsProvider.java query that can lead to local information disclosure on Android 13 (Pixel). Affected component: MmsSmsProvider.java (Android framework for messaging); root cause: improper handling of SQL queries enabling access to restri...
CVE-2022-20517
CVE-2022-20517 affects Android 13, in MmsSmsProvider.java’s getMessagesByPhoneNumber, where SQL injection can lead to access to restricted tables and local information disclosure with no extra privileges required. The CVE entry notes LOCAL attack vector with LOW exploit complexity and NONE user i...
Sql injection
In query of SmsProvider.java and MmsSmsProvider.java, there is a possible permission bypass due to SQL injection. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID...
CVE-2020-0060
In query of SmsProvider.java and MmsSmsProvider.java, there is a possible permission bypass due to SQL injection. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID...