CVE-2024-34738
- EPSS 0.08%
- Veröffentlicht 15.08.2024 22:15:06
- Zuletzt bearbeitet 26.03.2025 21:15:22
In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local escalation of privilege with no additional execution pr...
CVE-2024-34739
- EPSS 0.19%
- Veröffentlicht 15.08.2024 22:15:06
- Zuletzt bearbeitet 29.09.2025 23:05:08
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User int...
CVE-2024-34740
- EPSS 0.15%
- Veröffentlicht 15.08.2024 22:15:06
- Zuletzt bearbeitet 17.12.2024 17:55:29
In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User i...
CVE-2024-34741
- EPSS 0.15%
- Veröffentlicht 15.08.2024 22:15:06
- Zuletzt bearbeitet 17.12.2024 17:50:40
In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This co...
CVE-2024-34742
- EPSS 0.08%
- Veröffentlicht 15.08.2024 22:15:06
- Zuletzt bearbeitet 25.11.2024 18:15:11
In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interac...
CVE-2024-34743
- EPSS 0.08%
- Veröffentlicht 15.08.2024 22:15:06
- Zuletzt bearbeitet 17.12.2024 17:47:48
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not nee...
CVE-2024-20083
- EPSS 0.26%
- Veröffentlicht 14.08.2024 03:15:04
- Zuletzt bearbeitet 30.05.2025 17:08:24
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08...
CVE-2024-31334
- EPSS 0.1%
- Veröffentlicht 09.07.2024 21:15:14
- Zuletzt bearbeitet 17.12.2024 19:02:13
In DevmemIntFreeDefBackingPage of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User i...
CVE-2024-31335
- EPSS 0.12%
- Veröffentlicht 09.07.2024 21:15:14
- Zuletzt bearbeitet 17.12.2024 18:46:00
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User intera...
CVE-2024-31339
- EPSS 0.12%
- Veröffentlicht 09.07.2024 21:15:14
- Zuletzt bearbeitet 17.12.2024 18:21:52
In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...