Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.09%
  • Veröffentlicht 27.09.2023 15:19:35
  • Zuletzt bearbeitet 21.11.2024 08:25:17

The vulnerability is to theft of arbitrary files with system privilege in the Screen recording ("com.lge.gametools.gamerecorder") app in the "com/lge/gametools/gamerecorder/settings/ProfilePreferenceFragment.java" file. The main problem is that the a...

  • EPSS 0.13%
  • Veröffentlicht 27.09.2023 15:19:35
  • Zuletzt bearbeitet 21.11.2024 08:25:17

The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app...

  • EPSS 0.1%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 02.05.2025 17:15:47

In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges ne...

  • EPSS 0.23%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 21.11.2024 08:08:28

In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead t...

  • EPSS 0.2%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 21.11.2024 08:08:28

In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for...

Warnung
  • EPSS 2.2%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 23.10.2025 14:52:35

In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...

  • EPSS 0.11%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 21.11.2024 08:08:29

In loadMediaResumptionControls of MediaResumeListener.kt, there is a possible way to play and listen to media files played by another user on the same device due to a logic error in the code. This could lead to local information disclosure with no ad...

  • EPSS 0.1%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 21.11.2024 08:08:29

In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges need...

  • EPSS 0.09%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 21.11.2024 08:08:29

In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service (factory reset or continuous locking) with no additional execution privileges nee...

  • EPSS 0.1%
  • Veröffentlicht 11.09.2023 21:15:42
  • Zuletzt bearbeitet 21.11.2024 08:08:29

In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.