26 matches found
EUVD-2018-21053
Malware in sbrugna...
EUVD-2023-25436
Malicious code in bioql PyPI...
EUVD-2022-25709
Malicious code in bioql PyPI...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
ASB-A-200034476
In multiple locations, there is a possible Android/data access due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2024-8581
A vulnerability in the uploadapp function of parisneo/lollms-webui V12 Strawberry allows an attacker to delete any file or directory on the system. The function does not implement user input filtering with the filename value, causing a Path Traversal error...
CVE-2023-35670
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-35670
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21268
CVE-2023-21268 concerns a path traversal issue in the Android MmsProvider.java update that can alter directory permissions. The vulnerability enables a local attacker to trigger a denial of service affecting SIM recognition, without requiring additional execution privileges. Exploitation is descr...
CVE-2023-21093
In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21093
CVE-2023-21093 concerns a path traversal in Android’s FileUtils.extractRelativePath that can let an attacker access files in directories belonging to other apps, enabling local elevation of privilege with no extra execution privileges and no user interaction. The vulnerability affects Android 11–...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2022-20505
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions: Android-13Android ID: A-225981...
CVE-2022-20449
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20449
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
ASB-A-239701237
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20453
CVE-2022-20453 affects Android 10–13 (Android-10 to Android-13) and involves a path traversal in MmsProvider.java that can constrict directory permissions, enabling local DoS of SIM recognition. The exploit requires user interaction and does not grant additional code execution privileges. The bas...
PT-2022-14675 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a path traversal error in the update of MmsProvider.java, which could lead to a constriction of directory permissions. This might cause a local denial of...