CVE-2024-27222

In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the app cannot access due to Intent Redirect GRANTURIPERMISSIONS Attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-40122

In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-32617

In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitatio...

CVE-2021-39639

In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-21374

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-20260

In the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220865698...