Vendor CVEs
All CVEs
11,416 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26443 | Hig | 0.47 | 7.3 | 0.00 | Sep 4, 2025 | In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User… | ||
| CVE-2025-36907 | Hig | 0.47 | 7.3 | 0.00 | Sep 4, 2025 | In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User… | ||
| CVE-2025-22439 | Hig | 0.47 | 7.3 | 0.00 | Sep 2, 2025 | In onLastAccessedStackLoaded of ActionHandler.java , there is a possible way to bypass storage restrictions across apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed… | ||
| CVE-2025-22427 | Hig | 0.47 | 7.3 | 0.00 | Sep 2, 2025 | In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User… | ||
| CVE-2025-22419 | Hig | 0.47 | 7.3 | 0.00 | Sep 2, 2025 | In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2025-22417 | Hig | 0.47 | 7.3 | 0.00 | Sep 2, 2025 | In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||
| CVE-2024-40653 | Hig | 0.47 | 7.3 | 0.00 | Sep 2, 2025 | In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is… | ||
| CVE-2018-9370 | Hig | 0.47 | 7.3 | 0.00 | Nov 19, 2024 | In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for… | ||
| CVE-2018-9369 | Hig | 0.47 | 7.3 | 0.00 | Nov 19, 2024 | In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||
| CVE-2024-31331 | Hig | 0.47 | 7.3 | 0.00 | Jul 9, 2024 | In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. | ||
| CVE-2024-31324 | Hig | 0.47 | 7.3 | 0.00 | Jul 9, 2024 | In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. This could lead to local escalation of privilege with User execution privileges needed. User… | ||
| CVE-2024-29757 | Hig | 0.47 | 7.3 | 0.00 | Apr 5, 2024 | there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2023-45780 | Hig | 0.47 | 7.3 | 0.00 | Oct 30, 2023 | In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||
| CVE-2023-35649 | Hig | 0.47 | 7.2 | 0.00 | Oct 11, 2023 | In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2023-35691 | Hig | 0.47 | 7.2 | 0.00 | Jul 13, 2023 | there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2023-21251 | Hig | 0.47 | 7.3 | 0.00 | Jul 13, 2023 | In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. | ||
| CVE-2023-21189 | Hig | 0.47 | 7.3 | 0.00 | Jun 28, 2023 | In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2023-21054 | Hig | 0.47 | 7.2 | 0.01 | Mar 24, 2023 | In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2023-20976 | Hig | 0.47 | 7.3 | 0.00 | Mar 24, 2023 | In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User… | ||
| CVE-2023-20921 | Hig | 0.47 | 7.3 | 0.00 | Jan 26, 2023 | In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is… | ||
| CVE-2022-20603 | Hig | 0.47 | 7.2 | 0.01 | Dec 16, 2022 | In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2022-20501 | Hig | 0.47 | 7.3 | 0.00 | Dec 13, 2022 | In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction… | ||
| CVE-2022-20442 | Hig | 0.47 | 7.3 | 0.00 | Dec 13, 2022 | In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is… | ||
| CVE-2022-20193 | Hig | 0.47 | 7.3 | 0.00 | Jun 15, 2022 | In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is… | ||
| CVE-2022-20137 | Hig | 0.47 | 7.3 | 0.00 | Jun 15, 2022 | In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2022-20126 | Hig | 0.47 | 7.3 | 0.00 | Jun 15, 2022 | In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-39691 | Hig | 0.47 | 7.3 | 0.00 | Jun 15, 2022 | In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2021-39796 | Hig | 0.47 | 7.3 | 0.00 | Apr 12, 2022 | In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed… | ||
| CVE-2021-39625 | Hig | 0.47 | 7.3 | 0.00 | Jan 14, 2022 | In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction… | ||
| CVE-2021-1021 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed… | ||
| CVE-2021-1020 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed… | ||
| CVE-2021-1019 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-1016 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed… | ||
| CVE-2021-0954 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10… | ||
| CVE-2021-0769 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2021-0434 | Hig | 0.47 | 7.3 | 0.00 | Dec 15, 2021 | In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with… | ||
| CVE-2021-0583 | Hig | 0.47 | 7.3 | 0.00 | Oct 11, 2021 | In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-0598 | Hig | 0.47 | 7.3 | 0.00 | Oct 6, 2021 | In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2021-0591 | Hig | 0.47 | 7.3 | 0.00 | Aug 17, 2021 | In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-0553 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2021 | In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-0538 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2021 | In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-0537 | Hig | 0.47 | 7.3 | 0.00 | Jun 22, 2021 | In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-0506 | Hig | 0.47 | 7.3 | 0.00 | Jun 21, 2021 | In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2021-0446 | Hig | 0.47 | 7.3 | 0.00 | Apr 13, 2021 | In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-0333 | Hig | 0.47 | 7.3 | 0.00 | Feb 10, 2021 | In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution… | ||
| CVE-2021-0331 | Hig | 0.47 | 7.3 | 0.00 | Feb 10, 2021 | In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for… | ||
| CVE-2021-0319 | Hig | 0.47 | 7.3 | 0.00 | Jan 11, 2021 | In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This could lead to local escalation of privilege that grants access to nearby MAC… | ||
| CVE-2020-0271 | Hig | 0.47 | 7.3 | 0.00 | Sep 18, 2020 | In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081 | ||
| CVE-2020-0133 | Hig | 0.47 | 7.3 | 0.00 | Jun 11, 2020 | In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2019-2216 | Hig | 0.47 | 7.3 | 0.00 | Mar 15, 2020 | In overlay notifications, there is a possible hidden notification due to improper input validation. This could lead to a local escalation of privilege because the user is not notified of an overlaying app, with User execution privileges needed. User interaction is needed for… |
- risk 0.47cvss 7.3epss 0.00
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…
- risk 0.47cvss 7.3epss 0.00
In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User…
- risk 0.47cvss 7.3epss 0.00
In onLastAccessedStackLoaded of ActionHandler.java , there is a possible way to bypass storage restrictions across apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed…
- risk 0.47cvss 7.3epss 0.00
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…
- risk 0.47cvss 7.3epss 0.00
In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- risk 0.47cvss 7.3epss 0.00
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…
- risk 0.47cvss 7.3epss 0.00
In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- risk 0.47cvss 7.3epss 0.00
In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
- risk 0.47cvss 7.3epss 0.00
In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. This could lead to local escalation of privilege with User execution privileges needed. User…
- risk 0.47cvss 7.3epss 0.00
there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.47cvss 7.3epss 0.00
In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- risk 0.47cvss 7.2epss 0.00
In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.47cvss 7.2epss 0.00
there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.47cvss 7.3epss 0.00
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
- risk 0.47cvss 7.3epss 0.00
In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.47cvss 7.2epss 0.01
In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User…
- risk 0.47cvss 7.3epss 0.00
In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…
- risk 0.47cvss 7.2epss 0.01
In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction…
- risk 0.47cvss 7.3epss 0.00
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is…
- risk 0.47cvss 7.3epss 0.00
In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is…
- risk 0.47cvss 7.3epss 0.00
In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…
- risk 0.47cvss 7.3epss 0.00
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction…
- risk 0.47cvss 7.3epss 0.00
In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…
- risk 0.47cvss 7.3epss 0.00
In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…
- risk 0.47cvss 7.3epss 0.00
In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…
- risk 0.47cvss 7.3epss 0.00
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10…
- risk 0.47cvss 7.3epss 0.00
In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with…
- risk 0.47cvss 7.3epss 0.00
In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- risk 0.47cvss 7.3epss 0.00
In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- risk 0.47cvss 7.3epss 0.00
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution…
- risk 0.47cvss 7.3epss 0.00
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for…
- risk 0.47cvss 7.3epss 0.00
In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This could lead to local escalation of privilege that grants access to nearby MAC…
- risk 0.47cvss 7.3epss 0.00
In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081
- risk 0.47cvss 7.3epss 0.00
In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.47cvss 7.3epss 0.00
In overlay notifications, there is a possible hidden notification due to improper input validation. This could lead to a local escalation of privilege because the user is not notified of an overlaying app, with User execution privileges needed. User interaction is needed for…
Page 106 of 229