CVE-2024-40662

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40662

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40662

CVE-2024-40662 affects the Android framework Uri.java, where improper input validation in the scheme handling can allow crafting a malformed Uri object. The result is local privilege escalation with no additional privileges or user interaction required. The CVSS v3.1 score is 7.8 (HIGH) with LOCA...

CVE-2024-40662

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android elevation of privilege vulnerability (CNVD-2023-82067)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from improper input validation in the readFrom module of Uri.java, which can be exploited by an attacker to gain elevated privileges...

Input validation

In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21272

In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21272

CVE-2023-21272 concerns an elevation of privilege in Android via the readFrom path in the Uri.java implementation. The vulnerability arises from improper input validation in Uri.readFrom, enabling a possible bad URI permission grant with local impact and no extra execution privileges required. Re...

ASB-A-227471459

In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Input validation

In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User...

CVE-2022-20338

Summary: CVE-2022-20338 affects Android (Android-11, Android-12, Android-12L, Android-13) due to a vulnerability in HierarchicalUri.readFrom in Uri.java that allows crafting a malformed URI because of improper input validation, enabling local escalation of privilege without extra execution privil...

Privilege escalation

In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2020-0166

CVE-2020-0166 affects Android 10, where in multiple functions of URI.java a missing validation during parceling of URI information can lead to local privilege escalation. The Android Security Bulletin (Pixel Update Bulletin) lists CVE-2020-0166 under the Android runtime with Updated AOSP version ...