4 matches found
CVE-2026-0098
In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0098
In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-32323
In getCallingAppName of Shared.java, there is a possible way to trick users into granting file access via deceptive text in a permission popup due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
PT-2025-36035
Name of the Vulnerable Software and Affected Versions: Shared.java affected versions not specified Description: The getCallingAppName function in Shared.java may allow an attacker to trick users into granting file access through deceptive text displayed in a permission popup. This is due to...