Lucene search
K

120 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:23 a.m.10 views

CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate...

4CVSS6.2AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:1 a.m.5 views

CVE-2023-21374

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.8AI score0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:13 p.m.7 views

CVE-2020-0114

In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed...

7.8CVSS7AI score0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 8:24 a.m.5 views

CVE-2025-20975

Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...

5.5CVSS5.5AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2024/11/06 3:15 a.m.27 views

CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate...

4CVSS0.00139EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/06 2:17 a.m.9 views

CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate...

4CVSS6.3AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2024/11/06 2:17 a.m.55 views

CVE-2024-34677

CVE-2024-34677 relates to a vulnerability in Samsung Mobile’s System UI prior to the SMR Nov-2024 Release 1. The issue enables local attackers to exploit a flaw in System UI to disclose sensitive information and to cause malicious apps to appear legitimate. The publicly documented affected compon...

4CVSS4.1AI score0.00139EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/06 2:17 a.m.21 views

CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate...

4CVSS0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Nov-2024 Release 1 prior to version 1, which stems from System UI contains a sensitive information...

4CVSS5.5AI score0.00139EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.3 views

PT-2024-26098 · Systemui · Systemui

Name of the Vulnerable Software and Affected Versions: System UI versions prior to SMR Nov-2024 Release 1 Description: The issue allows local attackers to expose sensitive information and make malicious apps appear as legitimate. This is achieved by exploiting a flaw in the System UI...

4CVSS6.5AI score0.00139EPSS
Exploits0References5
OSV
OSV
added 2024/03/08 2:15 a.m.5 views

CVE-2024-23262

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI...

3.3CVSS5.7AI score0.0048EPSS
Exploits0References7
NVD
NVD
added 2023/10/30 6:15 p.m.27 views

CVE-2023-21374

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.8AI score0.0009EPSS
Exploits0References1
Prion
Prion
added 2023/10/30 6:15 p.m.21 views

Design/Logic Flaw

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS8.2AI score0.0009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/30 5:1 p.m.23 views

CVE-2023-21374

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.5AI score0.0009EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/30 5:1 p.m.12 views

CVE-2023-21374

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8AI score0.0009EPSS
Exploits0References1
CVE
CVE
added 2023/10/30 5:1 p.m.61 views

CVE-2023-21374

The CVE-2023-21374 entry concerns Android System UI: a logic error that enables a factory reset protection bypass, leading to local elevation of privilege with no extra execution privileges and no user interaction required. Affected component: System UI on Android; vulnerability type is Elevation...

7.8CVSS7.8AI score0.0009EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.5 views

PT-2023-18149 · Systemui · Systemui

Name of the Vulnerable Software and Affected Versions: System UI affected versions not specified Description: The issue is related to a logic error in the code of System UI, which could allow a factory reset protection bypass. This bypass could lead to local escalation of privilege without...

7.8CVSS7AI score0.0009EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/06/15 7:15 p.m.4 views

CVE-2023-21139

In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.2AI score0.00083EPSS
Exploits0References2
OSV
OSV
added 2023/06/15 7:15 p.m.4 views

CVE-2023-21126

In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/15 7:15 p.m.3 views

CVE-2023-21126

In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.3AI score0.00086EPSS
Exploits0References2
Rows per page
Query Builder