102 matches found
CVE-2025-22425
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-22425
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-0087
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2025-36050
Name of the Vulnerable Software and Affected Versions: SelectAccountActivity.java affected versions not specified Description: A logic error in the onCreate function of SelectAccountActivity.java may allow adding contacts without the necessary permissions. This could lead to local privilege...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a missing privilege check in the onCreate function in UninstallerActivity.java. An attacker can exploit this vulnerability to gain elevated privileg...
CVE-2025-22427
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2025-22416
In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-22427
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2025-22416
In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...
ASB-A-411418366
In onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user profiles due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21251
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...
CVE-2022-20215
In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...
Google Android onCreate function authorization issue vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an authorization issue vulnerability that stems from a lack of permission checking in the onCreate function of ChooserActivity.java, which can be exploited by an attacker to cause a bypass of...
Amaze File Manager 安全漏洞
Amaze File Manager is an open source file manager from Amaze. A security vulnerability exists in Amaze File Manager version v.3.8.5, which originates from a vulnerability that allows a local attacker to execute arbitrary code via the onCreate method of DatabaseViewerActivity.java...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an authorization issue vulnerability that stems from a lack of permission checking in the onCreate function of ChooserActivity.java, which can be exploited by an attacker to cause a bypass of...
CVE-2024-49742
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an app with notification access in Settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed f...
CVE-2024-40652
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2024-31323
In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-31323
In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...