Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.7 views

PT-2024-10652 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue allows for local escalation of privilege or information disclosure due to uninitialized data or a pending intent. This could lead to accessing user metadata or local informati...

8.4CVSS6.8AI score0.00091EPSS
Exploits0References3
OSV
OSV
added 2023/09/27 3:19 p.m.2 views

CVE-2023-44125

The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAGIMMUTABLE set that leads to theft and/or over-write of arbitrary files with system privilege in the Personalized service "com.lge.abba" app. The attacker's app, if it had access to app notifications, could...

7.8CVSS5.9AI score0.00125EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/20 12:0 a.m.7 views

PT-2023-12335 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered in the IntentManager of ONOS. The install-requested intent, which causes an exception, remains in the pendingMap in memory forever. Deletion of this intent is not possible, neither by a...

7.5CVSS7.5AI score0.00654EPSS
Exploits1References6
OSV
OSV
added 2022/08/13 12:0 a.m.5 views

GHSA-CM6R-892J-JV2G Google Play Services SDK leads to apps having incorrectly set mutability flag

Apps developed with Google Play Services SDK incorrectly had the mutability flag set to PendingIntents that were passed to the Notification service. As Google Play services SDK is so widely used, this bug affects many applications. For an application affected, this bug will let the attacker, gain...

6.1CVSS7.2AI score0.00105EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/12 12:0 a.m.7 views

Google Play services 安全漏洞

Google Play services is used by Google Inc. to update Google apps and other applications provided by Google Play. A security vulnerability exists in the Google Play Services SDK that stems from an application incorrectly setting the variability flag to PendingIntents and passing it to the...

8.4CVSS7.7AI score0.00105EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/12 12:0 a.m.15 views

PT-2022-16319 · Google · Google Play Services Sdk

Name of the Vulnerable Software and Affected Versions: Google Play Services SDK versions prior to 18.0.2 Description: The issue arises from the incorrect setting of the mutability flag in PendingIntents passed to the Notification service in apps developed with the Google Play Services SDK. This b...

8.4CVSS8.3AI score0.00105EPSS
Exploits0References6
OSV
OSV
added 2020/10/01 12:0 a.m.37 views

ASB-A-156020795

In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.1AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder