CVE-2025-12063

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

EUVD-2022-25798

Malicious code in bioql PyPI...

CVE-2025-53077

An execution after redirect in Samsung DMSData Management Server allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability...

CVE-2022-20307

In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-39761

In Media, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

CVE-2021-39777

In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-39766

In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-21348

In Window Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...

CVE-2023-21332

In Text Services, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...

CVE-2023-21318

In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21299

In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

PT-2022-14746 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to Android-13 Description: The issue is related to side channel information disclosure in Telecom, allowing an attacker to determine whether an app is installed without query permissions. This could lead to local...

CVE-2022-45118

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...

PT-2022-22487 · Accessing Template Content Without Permissions +3 · Otrs +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows article template contents with sensitive data to be accessed from agents without proper permissions. Recommendations: At the moment, there is no information about a newer...

CVE-2022-20318

In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20279

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20275

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. Google Android 13 suffers from a security vulnerability that stems from a lack of permission checking. The vulnerability is exploited by an attacker to enable Wifi without permissions...

Google Android 信息泄露漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in the Google Android DevicePolicyManager component, which stems from the disclosure of side-channel information, with a possible way to determine if an application...

CVE-2022-20249

In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...