Lucene search
K

672 matches found

OSV
OSV
added 2021/02/10 5:15 p.m.2 views

CVE-2021-0314

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.3CVSS7.2AI score
Exploits0References1
NVD
NVD
added 2021/02/10 5:15 p.m.20 views

CVE-2021-0314

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.3CVSS0.00274EPSS
Exploits0References1
NVD
NVD
added 2021/02/10 5:15 p.m.14 views

CVE-2021-0305

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

9.3CVSS0.00517EPSS
Exploits0References1
OSV
OSV
added 2021/02/10 5:15 p.m.1 views

CVE-2021-0305

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

7.8CVSS5.9AI score0.00517EPSS
Exploits0References1
NVD
NVD
added 2021/02/10 5:15 p.m.15 views

CVE-2021-0302

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

9.3CVSS0.00705EPSS
Exploits0References1
OSV
OSV
added 2021/02/10 5:15 p.m.3 views

CVE-2021-0302

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

7.8CVSS7.2AI score0.00705EPSS
Exploits0References1
Prion
Prion
added 2021/02/10 5:15 p.m.23 views

Buffer overflow

In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User...

6.9CVSS7.3AI score0.00302EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/02/10 5:15 p.m.12 views

Default configuration

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

9.3CVSS7.7AI score0.00517EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/02/10 5:15 p.m.16 views

Default configuration

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

9.3CVSS7.7AI score0.00705EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/02/10 5:15 p.m.23 views

Design/Logic Flaw

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

6.9CVSS7.2AI score0.00274EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/10 4:50 p.m.20 views

CVE-2021-0314

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.5AI score0.00274EPSS
Exploits0References1
CVE
CVE
added 2021/02/10 4:50 p.m.118 views

CVE-2021-0314

The CVE-2021-0314 issue affects Android’s UninstallerActivity in the Framework. It describes a tapjacking/overlay-based method to uninstall an app without informed user consent, leading to local elevation of privilege with User execution privileges needed. Affected Android versions include 8.1, 9...

7.3CVSS7.2AI score0.00274EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/10 4:49 p.m.26 views

CVE-2021-0333

In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User...

7.5AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2021/02/10 4:49 p.m.127 views

CVE-2021-0333

CVE-2021-0333 affects Android BluetoothPermissionActivity.java, where a tapjacking overlay during device pairing can bypass the phonebook permissions dialog. This enables local privilege escalation with user interaction required, across Android 8.1–11. The issue is documented in multiple sources ...

7.3CVSS7.2AI score0.00302EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/02/10 4:48 p.m.131 views

CVE-2021-0302

CVE-2021-0302 describes a tapjacking/overlay risk in Android’s PackageInstaller caused by an insecure default value, enabling local escalation of privilege with no extra execution privileges and requiring user interaction to exploit. Affected products: Android versions 8.1, 9, and 10 (per the vul...

9.3CVSS7.7AI score0.00705EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/10 4:48 p.m.28 views

CVE-2021-0302

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

8AI score0.00705EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/10 4:48 p.m.23 views

CVE-2021-0305

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9...

8AI score0.00517EPSS
Exploits0References1
CVE
CVE
added 2021/02/10 4:48 p.m.115 views

CVE-2021-0305

CVE-2021-0305 affects the Android PackageInstaller. The issue is a tapjacking vulnerability caused by an insecure default value, enabling local escalation of privilege with no extra execution privileges, requiring user interaction to exploit. Affected platforms include Android 8.1, 9, and 10. The...

9.3CVSS7.7AI score0.00517EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/02/01 12:0 a.m.23 views

ASB-A-154015447

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation...

9.3CVSS7.9AI score0.00517EPSS
Exploits0References4
OSV
OSV
added 2021/02/01 12:0 a.m.31 views

ASB-A-155287782

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation...

9.3CVSS7.9AI score0.00705EPSS
Exploits0References2
Rows per page
Query Builder