CVE-2023-40073

In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Linux Distros Unpatched Vulnerability : CVE-2023-21244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation ...

Linux Distros Unpatched Vulnerability : CVE-2023-21291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to loca...

Linux Distros Unpatched Vulnerability : CVE-2023-40073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no...

CVE-2023-21286

In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21279

In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21288

In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21291

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21244

In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-43084

In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-43084

In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-43084

In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-43084

In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-43084

CVE-2024-43084 is a Google Android information-disclosure flaw described across multiple sources as a confused-deputy in visitUris. Affected area is listed under Android security data with an information disclosure (ID) or library/Framework contexts, enabling local access to sensitive data withou...

PT-2024-30284 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a confused deputy flaw in the visitUris of multiple files, which could lead to local information disclosure without requiring...

ASB-A-281044385

In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35668

In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35668

In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40073

In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

UBUNTU-CVE-2023-35668

In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...