19 matches found
EUVD-2021-26053
Malware in sbrugna...
EUVD-2022-25701
Malicious code in bioql PyPI...
CVE-2021-39696
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID:...
CVE-2022-20512
In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Input validation
In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20512
In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
PT-2022-14725 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to improper input validation in the navigateUpTo function of Task.java, which could allow launching an intent handler with a mismatched intent. This could lead to local escalation ...
CVE-2022-20512
CVE-2022-20512 affects Android 13 via an input validation flaw in Task.java: navigateUpTo can launch an intent with a mismatched intent, enabling local elevation of privilege without user interaction. The issue is documented in Google’s Pixel bulletin; patch level 2022-12-05 (and related Android-...
CVE-2022-20441
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
Code injection
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
PT-2022-14665 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A logic error in the code of Task.java allows for the launch of an unexported intent handler, potentially leading to local escalation of privilege. This issue can be exploited withou...
CVE-2022-20441
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
CVE-2022-20441
CVE-2022-20441 affects Android 10–13, originating from a logic error in Task.java: navigateUpTo can launch an unexported intent handler, enabling local elevation of privilege if the target app uses an intent trampoline. The vulnerability is described as requiring local access with no additional e...
ASB-A-238605611
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
CVE-2021-39696
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID:...
Privilege escalation
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID:...
CVE-2021-39696
CVE-2021-39696 affects Android (10–12) via Task.java, enabling local privilege escalation (confused deputy) with no extra execution privileges; exploitation requires user interaction. CVSS3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, base score 7.8 (High). The vulnerability is documented in Android s...
CVE-2021-39696
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID:...
ASB-A-185810717
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...