CVE-2025-48559
- EPSS 0.09%
- Veröffentlicht 04.09.2025 18:34:36
- Zuletzt bearbeitet 05.09.2025 19:02:15
In multiple functions of AppOpsService.java, there is a possible add a large amount of app ops due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed...
CVE-2025-48558
- EPSS 0.08%
- Veröffentlicht 04.09.2025 18:34:35
- Zuletzt bearbeitet 05.09.2025 19:02:24
In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. This could lead to local escalation of privilege with no additional execution privileges needed....
CVE-2025-48556
- EPSS 0.08%
- Veröffentlicht 04.09.2025 18:34:34
- Zuletzt bearbeitet 05.09.2025 19:02:34
In multiple methods of NotificationChannel.java, there is a possible desynchronization from persistence due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio...
CVE-2025-48554
- EPSS 0.08%
- Veröffentlicht 04.09.2025 18:34:33
- Zuletzt bearbeitet 05.09.2025 19:02:44
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible persistent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interactio...
CVE-2025-48553
- EPSS 0.09%
- Veröffentlicht 04.09.2025 18:34:32
- Zuletzt bearbeitet 08.09.2025 16:38:10
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible DoS of a device admin due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2025-48552
- EPSS 0.1%
- Veröffentlicht 04.09.2025 18:34:31
- Zuletzt bearbeitet 08.09.2025 16:38:23
In saveGlobalProxyLocked of DevicePolicyManagerService.java, there is a possible way to desync from persistence due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User in...
- EPSS 0.07%
- Veröffentlicht 04.09.2025 18:34:30
- Zuletzt bearbeitet 05.09.2025 19:02:54
In multiple locations, there is a possible leak of an image across the Android User isolation boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is neede...
CVE-2025-48550
- EPSS 0.09%
- Veröffentlicht 04.09.2025 18:34:29
- Zuletzt bearbeitet 05.09.2025 19:03:02
In testGrantSlicePermission of SliceManagerTest.java, there is a possible permanent denial of service due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not ne...
CVE-2025-48549
- EPSS 0.11%
- Veröffentlicht 04.09.2025 18:34:28
- Zuletzt bearbeitet 05.09.2025 19:03:19
In multiple locations, there is a possible way to record audio via a background app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48548
- EPSS 0.1%
- Veröffentlicht 04.09.2025 18:34:27
- Zuletzt bearbeitet 05.09.2025 19:03:41
In multiple functions of AppOpsControllerImpl.java, there is a possible way to record audio without displaying the privacy indicator due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User...