16 matches found
CVE-2021-0644
In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
EUVD-2021-6475
Malicious code in bioql PyPI...
EUVD-2021-3263
Malicious code in bioql PyPI...
EUVD-2021-3262
Malicious code in bioql PyPI...
CVE-2022-20225
In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20225
CVE-2022-20225 is an Android information-disclosure vulnerability in getSubscriptionProperty() of SubscriptionController.java caused by a missing permission check. The issue could allow a local attacker to read a sensitive identifier without user interaction. Affected Android versions listed in t...
Google Android Information Disclosure Vulnerability (CNVD-2022-61748)
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of The vulnerability is caused by a lack of permission checking in the getSubscriptionProperty of SubscriptionController.java. An...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of The vulnerability is caused by a lack of permission checking in the getSubscriptionProperty of SubscriptionController.java. An...
Code injection
In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2021-1008
In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product:...
Information disclosure
In getAllSubInfoList of SubscriptionController.java, there is a possible way to retrieve a long term identifier without the correct permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed...
CVE-2021-0643
CVE-2021-0643 describes an information disclosure vulnerability in Android where getAllSubInfoList in SubscriptionController.java could allow retrieval of a long-term identifier without proper permission checks. Affected products are Android 10–12. The issue is described across multiple sources (...
CVE-2021-0644
In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
Information disclosure
In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
CVE-2021-0644
In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
CVE-2021-0641
In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...