32 matches found
Google Android elevation of privilege vulnerability (CNVD-2026-13146)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by proxy obfuscation in multiple functions of MediaProvider.java that could potentially bypass the external storage write permission. An...
CVE-2025-48582
In multiple locations, there is a possible way to delete media without the MANAGEEXTERNALSTORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48578
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48582
In multiple locations, there is a possible way to delete media without the MANAGEEXTERNALSTORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48578
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48578
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a possible way to bypass the WRITEEXTERNALSTORAGE privilege due to a lack of privilege checking in multiple functions of...
ASB-A-418225717
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
ASB-A-369105011
In multiple locations, there is a possible way to delete media without the MANAGEEXTERNALSTORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2018-6884
Malware in sbrugna...
CVE-2025-48532
In markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48532
In markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48532
In markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-48532
Affected software: Android MediaProvider.java (markMediaAsFavorite).Root cause: a confused deputy flaw allows bypassing the WRITE_EXTERNAL_STORAGE permission, enabling local elevation of privilege.Impact: elevates privileges locally with high confidentiality, integrity and availability implicatio...
Google Android 安全漏洞
Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from an obfuscated proxy vulnerability that originates from an...
PT-2025-36057
Name of the Vulnerable Software and Affected Versions: MediaProvider.java affected versions not specified Description: A flaw exists in the markMediaAsFavorite function of MediaProvider.java that may allow bypassing the WRITE EXTERNAL STORAGE permission due to a confused deputy condition. This...
ASB-A-417194323
In markMediaAsFavorite of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-53178
Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule reminder function of head units...
PT-2025-28110 · Huawei +1 · Emui +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A permission bypass vulnerability exists in the calendar storage module. The successful exploitation of this issue may affect the schedule syncing function of watches. Recommendations: At th...
Unable to upload the master image on MCS machine catalog in GCP
Error when updating the catalog Action Name: MCUpdateMachineCatalog Exception: StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : UnknownError TaskStateInformation : Terminated ErrorId : ManagedMachineGeneralException Operation : PreparingMasterImage ErrorMessage : Err...