40 matches found
CVE-2019-2023
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....
EUVD-2021-26163
Malware in sbrugna...
EUVD-2019-11665
Malware in sbrugna...
EUVD-2017-4726
Malware in sbrugna...
EUVD-2016-4913
Malware in sbrugna...
Malicious code in OCI.DotNetSDK.Servicemanager.proxy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4597 Malicious code in OCI.DotNetSDK.Servicemanager.proxy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
CVE-2021-39806
In closef of labelbackendsandroid.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User...
Double free
In closef of labelbackendsandroid.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User...
CVE-2021-39806
CVE-2021-39806 affects Android 12L, with a memory corruption risk due to a double free in closef of label_backends_android.c. The issue could enable local escalation of privilege during servicemanager startup if an initialization failure is triggered, with no additional execution privileges requi...
ASB-A-203847542
In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-0919
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
CVE-2019-16112
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI...
TylerTech Eagle 2018.3.11 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: TylerTech Eagle 2018.3.11 - Remote Code Execution Exploit Author: Anthony Cole Vendor Homepage: https://www.tylertech.com/products/eagle Version: 2018.3.11 Tested on: Windows 2012 CVE: N/A Category: webapps Eagle is a software...
Calling getpidcon for One Way Binder Transactions Returns Wrong Security Context
The servicemanager, keystore and drmserver all use getpidcon function to get the security context of the caller from a binder. When combined with a one way binder transaction this results in getting the security context of the current process which might allow a selinux mac bypass. Recent...
The vulnerability of the ServiceManager service in the Android operating system allows a hacker to increase their privileges.
The vulnerability of the ServiceManager service cmds/servicemanager/servicemanager.c in the Android operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created...
CVE-2019-2023
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....
Code injection
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....
CVE-2019-2023
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....
CVE-2019-2023
CVE-2019-2023 affects Android's hardware ServiceManager::add, where an insecure PID-based permissions check can let an app add or replace a HAL service, enabling code execution in a privileged process. Supported in multiple feeds (NVD, Red Hat, PRION, CIRCL) with exploited/attack data referenced ...