17 matches found
CVE-2021-0653
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
EUVD-2021-12347
Malware in sbrugna...
EUVD-2021-3272
Malicious code in bioql PyPI...
CVE-2021-25451
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data...
Information disclosure
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-0653
Technical details for CVE-2021-0653 are not publicly provided in the connected documents. The initial description notes a local information disclosure due to a missing permission check in NetworkPolicyManagerService. Monitor for official advisories and patches.
CVE-2021-0653
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
ASB-A-177931370
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-25451
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data...
Code injection
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data...
CVE-2021-25451
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data...
CVE-2021-25451
CVE-2021-25451 affects Android’s NetworkPolicyManagerService where a PendingIntent hijack can lead to exposure of IMSI data. The vulnerability is local, requiring user interaction, with a low-moderate CVSS (3.3 on 3.1, base score 3.3; confidentiality impact: Low). Root cause stated: manipulation ...
CVE-2020-0277
In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0277
In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for...
Authorization
In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0277
Summary (CVE-2020-0277) : The vulnerability affects Android 11 in the NetworkPolicyManagerService . It arises from a missing permission check , allowing a local attacker to perform a permissions bypass and achieve local elevation of privilege to modify the device’s data plan without any extra exe...
CVE-2020-0277
In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for...