34 matches found
CVE-2022-20218
In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2022-20218
CVE-2022-20218 affects Android 12/12L, with the PermissionController component vulnerable due to a logic error that can allow obtaining and retaining permissions without user consent. This yields local elevation of privilege and, per sources, requires user interaction to exploit. AOSP/Android Bul...
Google Android 安全漏洞
Google Android is a Linux-based operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android versions 12 and 12L. The vulnerability stems from a logic error in the PermissionController component code, and there is a possible way to gain and retain privileges...
Google Android Information Disclosure Vulnerability (CNVD-2022-28925)
Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which stems from the insecure use of PendingIntent in the PermissionController, which could bypass permissions. An attacker could use this vulnerability...
CVE-2021-39757
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-176094662...
CVE-2021-39746
In PermissionController, there is a possible way to delete some local files due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:...
CVE-2021-39757
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-176094662...
CVE-2021-39746
In PermissionController, there is a possible way to delete some local files due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:...
Privilege escalation
In PermissionController, there is a possible way to delete some local files due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:...
CVE-2021-39757
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-176094662...
CVE-2021-39757
CVE-2021-39757 affects Android 12L with a permission bypass in the PermissionController caused by unsafe PendingIntent, enabling local information disclosure. Exploitation requires low privileges and no user interaction, with potential access to sensitive data on the device as described in multip...
CVE-2021-39746
In PermissionController, there is a possible way to delete some local files due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:...
CVE-2021-39746
CVE-2021-39746 affects Android 12L Framework, specifically a vulnerability in PermissionController caused by an unsafe PendingIntent. This could lead to local escalation of privilege with user execution privileges needed and no user interaction required, per the CVE description. Red Hat and Andro...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which stems from the insecure use of PendingIntent in the PermissionController, which could bypass permissions. An attacker could use this vulnerability...