Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:16

In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System UI with User execution privileges n...

  • EPSS 0.38%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:16

In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the use...

  • EPSS 0.14%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:18

In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is neede...

  • EPSS 0.11%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:18

In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privile...

  • EPSS 0.26%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:18

In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidV...

  • EPSS 0.09%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:18

In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: ...

  • EPSS 1.23%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:18

In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additionalSystem execution privileges needed. User interac...

  • EPSS 0.11%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:18

In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Pro...

  • EPSS 0.15%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:19

In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Prod...

  • EPSS 0.2%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:43:19

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User inter...