Lucene search
K

30 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-26145

Malware in sbrugna...

5.5CVSS5.5AI score0.00104EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-25083

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-25761

Malicious code in bioql PyPI...

7.3CVSS7.4AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.4 views

CVE-2023-20913

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

7.8CVSS6.7AI score0.00125EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.4 views

CVE-2023-20915

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

7.8CVSS6.7AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:36 p.m.4 views

CVE-2022-20501

In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

7.3CVSS6.7AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:36 p.m.4 views

CVE-2022-20426

In multiple functions of many files, there is a possible obstruction of the user's ability to select a phone account due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS6AI score0.00089EPSS
Exploits0References1
OSV
OSV
added 2023/11/01 12:0 a.m.24 views

ASB-A-259064622

In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.4AI score0.00096EPSS
Exploits0References3
OSV
OSV
added 2023/10/30 6:15 p.m.4 views

CVE-2023-21394

In registerPhoneAccount of TelecomServiceImpl.java, there is a possible way to reveal images from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00097EPSS
Exploits0References2
OSV
OSV
added 2023/05/15 10:15 p.m.3 views

CVE-2023-21111

In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS6.2AI score0.00088EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/15 12:0 a.m.3 views

PT-2023-17905 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to improper input validation in several functions of PhoneAccountRegistrar.java, which could prevent access to emergency services and lead to a local denial of...

6.2CVSS6.5AI score0.00088EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/05/15 12:0 a.m.4 views

PT-2023-17897 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue arises from uncaught exceptions in parsing persisted user data within the registerPhoneAccount function of PhoneAccountRegistrar.java. This can lead to a local persistent...

5.5CVSS6.8AI score0.00096EPSS
Exploits0References5
OSV
OSV
added 2023/01/26 9:18 p.m.4 views

CVE-2023-20913

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

7.8CVSS7.2AI score0.00125EPSS
Exploits0References1
NVD
NVD
added 2023/01/26 9:18 p.m.21 views

CVE-2023-20913

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

7.8CVSS7.7AI score0.00125EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:18 p.m.4 views

CVE-2023-20915

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

7.8CVSS7.2AI score0.00142EPSS
Exploits0References1
Prion
Prion
added 2023/01/26 9:18 p.m.25 views

Design/Logic Flaw

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

4.3CVSS7.7AI score0.00125EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.6 views

PT-2023-17705 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A logic error in the code of PhoneAccountRegistrar.java allows for a possible way to enable a phone account without user interaction. This could lead to local escalation of privilege...

7.8CVSS7.6AI score0.00142EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.6 views

CVE-2023-20915

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

7.3AI score0.00142EPSS
Exploits0References1
OSV
OSV
added 2023/01/01 12:0 a.m.24 views

ASB-A-246930197

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

7.8CVSS7.7AI score0.00142EPSS
Exploits0References2
OSV
OSV
added 2022/12/13 4:15 p.m.2 views

CVE-2022-20501

In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

7.3CVSS5.9AI score0.00133EPSS
Exploits0References1
Rows per page
Query Builder