102 matches found
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates in the onCreate method of the multiple files file, which can be exploited to trick a user into granting health privileges via tapjacking. A...
PT-2024-23969 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves a possible way to trick the user into granting health permissions due to tapjacking in the onCreate method of multiple files. This...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a missing privilege check in the onCreate method of the WifiDialogActivity.java file, which can be exploited by an attacker to escalate...
PT-2024-20020 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a missing permission check in the onCreate method of WifiDialogActivity.java, which could allow bypassing the DISALLOW ADD WIFI CONFIG restriction. This could lead t...
CVE-2024-0021
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in the work profile to enable notification listener services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a privilege bypass in onCreate of ApnEditor.java. An attacker can exploit this vulnerability to gain elevated privileges...
The vulnerability of the onCreate method in Android operating systems allows attackers to escalate their privileges.
The vulnerability of the onCreate method in Android operating systems is related to state management errors. Exploiting this vulnerability can allow attackers to gain increased privileges...
CVE-2023-35674
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-35677
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-35677
CVE-2023-35677 describes a DoS vulnerability in Android where, in the onCreate path of DeviceAdminAdd.java, a missing permission check could allow a device admin to be forcibly added. This enables local denial of service (factory reset or persistent locking) without extra execution privileges and...
CVE-2023-35677
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-35674
The CVE-2023-35674 issue affects the Android Framework, specifically an onCreate path in WindowState.java that can launch a background activity due to a logic error. This enables local elevation of privilege without extra execution privileges and without user interaction. The Android Security Bul...
PT-2023-25262 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a missing permission check in the onCreate method of DeviceAdminAdd.java, which could allow a device admin to be forcibly added. This could lead to local denial of...
ASB-A-280793427
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...
Design/Logic Flaw
In onCreate of LockSettingsActivity.java, there is a possible way set a new lockscreen PIN without entering the existing PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...
PT-2023-17926 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing permission check in the onCreate method of ManagePermissionsActivity.java. This could allow bypassing factory reset...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android onCreate module has an authorization issue vulnerability that stems from a lack of permission checking in the onCreate module of ManagePermissionsActivity.java, with one possible way to bypass the Restore...
CVE-2023-21251
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...
CVE-2023-21251
CVE-2023-21251 affects the Android Framework, specifically the onCreate path in ConfirmDialog.java . The issue describes an improper input validation that could permit a connection to VNP without user consent, yielding a local elevation of privilege (requires user interaction). The impact is cons...
CVE-2023-21251
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...