579 matches found
EUVD-2021-3096
Malicious code in bioql PyPI...
EUVD-2025-26830
Malicious code in bioql PyPI...
EUVD-2022-6540
Malicious code in bioql PyPI...
EUVD-2021-3551
Malicious code in bioql PyPI...
CVE-2025-32347
In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2023-21466
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission...
CVE-2025-32347
CVE-2025-32347 affects the Android BiometricEnrollIntroduction.java onStart path, where an unsafe PendingIntent can disclose the device’s location, enabling local privilege elevation with no extra privileges. Exploitation requires user interaction. Root cause: unsafe PendingIntent leading to info...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...
CVE-2023-21466
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission...
CVE-2023-21466
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission...
CVE-2023-21466
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission...
CVE-2023-21466
CVE-2023-21466 is a PendingIntent hijacking vulnerability in the CertificatePolicy component of the Android framework on Samsung devices, prior to SMR Apr-2023 Release 1. It allows local attackers to access a contentProvider without proper permission. Affected: CertificatePolicy in framework; imp...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Apr-2023 Release 1, which stems from PendingIntent hijacking in...
PT-2025-35659
Name of the Vulnerable Software and Affected Versions: framework versions prior to SMR Apr-2023 Release 1 Description: A PendingIntent hijacking issue exists in CertificatePolicy within the framework. This allows local attackers to access a contentProvider without the necessary permissions...
CVE-2023-21229
In registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-41826
A PendingIntent hijacking vulnerability in Motorola Device Help Genie application that could allow local attackers to access files or interact with non-exported software components without permission...
CVE-2023-44125
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAGIMMUTABLE set that leads to theft and/or over-write of arbitrary files with system privilege in the Personalized service "com.lge.abba" app. The attacker's app, if it had access to app notifications, could...
CVE-2023-42573
PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data...
CVE-2023-42539
PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data...
CVE-2023-41819
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers...