In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, there is a missing permission check. This could lead to local information disclosure of location data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...
In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product:...
In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is...
In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is...
In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed...
In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass. This could lead to local information disclosure from a file (eg. a photo) containing...
In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privileged activities with no additional execution privileges needed....
In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege escalation vulnerability that allows attackers on the...
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user...
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows...
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.