CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

CVE-2018-9374

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

EUVD-2020-1533

Malware in sbrugna...

EUVD-2020-1603

Malware in sbrugna...

EUVD-2020-1529

Malware in sbrugna...

EUVD-2020-1581

Malware in sbrugna...

EUVD-2019-11732

Malware in sbrugna...

EUVD-2020-1904

Malware in sbrugna...

EUVD-2021-6499

Malicious code in bioql PyPI...

EUVD-2021-6477

Malicious code in bioql PyPI...

EUVD-2021-3140

Malicious code in bioql PyPI...

EUVD-2021-6478

Malicious code in bioql PyPI...

EUVD-2021-3541

Malicious code in bioql PyPI...

CVE-2025-48538

CVE-2025-48538 affects the Android Framework, specifically the PackageManagerService.setApplicationHiddenSettingAsUser function. The root cause is improper input validation when hiding system-critical packages, which can allow local denial of service without requiring exploits or user interaction...

CVE-2024-43769

In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

CVE-2024-31331

In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

CVE-2021-1010

In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-189857801...

CVE-2020-0439

In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges...

CVE-2020-0097

In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

CVE-2020-0074

In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...