ASB-A-277593270

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

Google Android Information Disclosure Vulnerability (CNVD-2023-69044)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by a lack of permission checks in visitFrees of Notification.java, which can be exploited by attackers to obtain sensitive information...

CVE-2023-21288

In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21288

In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21288

The CVE-2023-21288 entry affects Android via the Notification.java component, where in the visitUris method a missing permission check could allow information disclosure across users. Impact: local information disclosure with User privileges required; exploitation does not require user interactio...

PT-2023-18067 · Google · Android

Name of the Vulnerable Software and Affected Versions: Notification.java affected versions not specified Description: The issue is related to a missing permission check in the visitUris method of Notification.java. This could lead to local information disclosure, with user execution privileges...

ASB-A-276294099

In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21239

In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Information disclosure

In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21239

In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21239

CVE-2023-21239 is in the Android Framework (Notification.java, visitUris) and enables local information disclosure via a confused deputy, leaking image data across user boundaries with no extra privileges and no user interaction required. Public details describe the root cause and affected AOSP v...

PT-2023-18025 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a confused deputy in the visitUris method of Notification.java, which could lead to local information disclosure across user...

ASB-A-274592467

In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2020-0442

In Message and toBundle of Notification.java, there is a possible UI slowdown or crash due to improper input validation. This could lead to remote denial of service if a malicious contact file is received, with no additional execution privileges needed. User interaction is not needed for...

CVE-2020-0441

CVE-2020-0441 affects Android framework’s Notification.java (Message and toBundle) where improper input validation can cause resource exhaustion and remote DoS without user interaction. Affected: Android 8.0–11 (Android-8.0, -8.1, -9, -10, -11). Impact: denial of service requiring device reset as...

ASB-A-158304295

In Message and toBundle of Notification.java, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service requiring a device reset to fix with no additional execution privileges needed. User interaction is not needed for exploitation...