35 matches found
Fedora: Security Advisory for plasma-systemsettings (FEDORA-2021-85c9774673)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
WEM 4.4 - Published Applications Launched Before WEM Agent Ends Processing Settings
Published applications from XenDesktop/XenApp are launched before the WEM agent ends processing settings. This is causing some settings configured from WEM to be used by the published applications are not getting applied before the applications are launched as it is required...
CVE-2019-20620
An issue was discovered on Samsung mobile devices with P9.0 software. The Settings application allows unauthenticated changes. The Samsung IDs are SVE-2019-13814, SVE-2019-13815 March 2019...
Code injection
An issue was discovered on Samsung mobile devices with P9.0 software. The Settings application allows unauthenticated changes. The Samsung IDs are SVE-2019-13814, SVE-2019-13815 March 2019...
CVE-2019-20620
CVE-2019-20620 affects Samsung mobile devices running P (Android 9.0) software. The issue is that the Settings application allows unauthenticated changes, per the Samsung notice referencing SVE-2019-13814 and SVE-2019-13815. Documents do not specify the exact vulnerable component, root cause deta...
Design/Logic Flaw
Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism by accessing 1 an external tile from a system application, 2 the help feature, or 3 the Settings application during a pre-setup stage, aka...
Design/Logic Flaw
The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in Android before 5.1.1 LMY48I allows attackers to obtain a URI permission via an application that sends an Intent with a 1 FLAGGRANTREADURIPERMISSION or 2...
CVE-2015-1541
CVE-2015-1541 affects Android before version 5.1.1 (LMY48I). The issue resides in AppWidgetServiceImpl in Settings, where an application can obtain a URI permission by sending an Intent with FLAG_GRANT_READ_URI_PERMISSION or FLAG_GRANT_WRITE_URI_PERMISSION. This bypasses intended restrictions and...
CVE-2015-3844
The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrated by interfering with use of the Settings...
CVE-2014-8609
The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for broadcasting an intent with arbitrary component, action, or category...
CVE-2014-8609
The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for broadcasting an intent with arbitrary component, action, or category...
Android Settings Pendingintent Leak Vulnerability
In Android versions prior to 5.0 and possibly greater than and equal to 4.0, Settings application leaks Pendingintent with a blank base intent neither the component nor the action is explicitly set to third party applications. Due to this, a malicious app can use this to broadcast intent with the...
Android Bug 1 7 3 5 6 8 2 4 BroadcastAnywhere vulnerability analysis-vulnerability warning-the black bar safety net
2 0 1 4 year 8 month, retme analysis of Android to fix a vulnerability, and the name for the launchAnyWhere1 In debugging this vulnerability, I found the Settings Application there is also a similar vulnerability, and 9 reported to the Android Security Team, title, Privilege escalation...
CVE-2010-1756
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network...
CVE-2010-1756
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network...